Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2023-5676 (GCVE-0-2023-5676)
Vulnerability from cvelistv5
Published
2023-11-15 14:02
Modified
2024-08-29 14:50
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-364 - Signal Handler Race Condition
Summary
In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
References
| URL | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Eclipse Foundation | OpenJ9 |
Version: 0 ≤ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T08:07:32.636Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"tags": [
"x_transferred"
],
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-5676",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-29T14:41:09.024509Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-29T14:50:03.835Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "OpenJ9",
"vendor": "Eclipse Foundation",
"versions": [
{
"lessThan": "0.41.0",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\u003cbr\u003e"
}
],
"value": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-364",
"description": "CWE-364: Signal Handler Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-11-15T14:02:01.422Z",
"orgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"shortName": "eclipse"
},
"references": [
{
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Eclipse OpenJ9 possible infinite busy hang",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "e51fbebd-6053-4e49-959f-1b94eeb69a2c",
"assignerShortName": "eclipse",
"cveId": "CVE-2023-5676",
"datePublished": "2023-11-15T14:02:01.422Z",
"dateReserved": "2023-10-20T04:59:29.125Z",
"dateUpdated": "2024-08-29T14:50:03.835Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2023-5676\",\"sourceIdentifier\":\"emo@eclipse.org\",\"published\":\"2023-11-15T14:15:07.683\",\"lastModified\":\"2024-11-21T08:42:15.140\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\\n\"},{\"lang\":\"es\",\"value\":\"En Eclipse OpenJ9 anterior a la versi\u00f3n 0.41.0, la JVM puede verse forzada a un bloqueo de ocupaci\u00f3n infinita en un bloqueo de giro o una falla de segmentaci\u00f3n si se recibe una se\u00f1al de apagado (SIGTERM, SIGINT o SIGHUP) antes de que la JVM haya terminado de inicializarse.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":4.1,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"HIGH\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":0.5,\"impactScore\":3.6},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.9,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.2,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"emo@eclipse.org\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-364\"}]},{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-362\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"0.41.0\",\"matchCriteriaId\":\"D0B1C1DC-3572-4BD0-9AE4-32F62B970F6A\"}]}]}],\"references\":[{\"url\":\"https://github.com/eclipse-openj9/openj9/pull/18085\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://gitlab.eclipse.org/security/cve-assignement/-/issues/13\",\"source\":\"emo@eclipse.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://github.com/eclipse-openj9/openj9/pull/18085\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Issue Tracking\",\"Patch\"]},{\"url\":\"https://gitlab.eclipse.org/security/cve-assignement/-/issues/13\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://github.com/eclipse-openj9/openj9/pull/18085\", \"tags\": [\"x_transferred\"]}, {\"url\": \"https://gitlab.eclipse.org/security/cve-assignement/-/issues/13\", \"tags\": [\"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-02T08:07:32.636Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2023-5676\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-08-29T14:41:09.024509Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-08-29T14:49:59.299Z\"}}], \"cna\": {\"title\": \"Eclipse OpenJ9 possible infinite busy hang\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"metrics\": [{\"format\": \"CVSS\", \"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 4.1, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"HIGH\", \"confidentialityImpact\": \"NONE\"}, \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"affected\": [{\"vendor\": \"Eclipse Foundation\", \"product\": \"OpenJ9\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"0.41.0\", \"versionType\": \"semver\"}], \"defaultStatus\": \"unaffected\"}], \"references\": [{\"url\": \"https://github.com/eclipse-openj9/openj9/pull/18085\"}, {\"url\": \"https://gitlab.eclipse.org/security/cve-assignement/-/issues/13\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.1.0-dev\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\\n\", \"supportingMedia\": [{\"type\": \"text/html\", \"value\": \"In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\u003cbr\u003e\", \"base64\": false}]}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-364\", \"description\": \"CWE-364: Signal Handler Race Condition\"}]}], \"providerMetadata\": {\"orgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"shortName\": \"eclipse\", \"dateUpdated\": \"2023-11-15T14:02:01.422Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2023-5676\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-08-29T14:50:03.835Z\", \"dateReserved\": \"2023-10-20T04:59:29.125Z\", \"assignerOrgId\": \"e51fbebd-6053-4e49-959f-1b94eeb69a2c\", \"datePublished\": \"2023-11-15T14:02:01.422Z\", \"assignerShortName\": \"eclipse\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
CERTFR-2024-AVI-0180
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Analytics | Cognos Analytics versions 11.2.x antérieures à 11.2.4 Fix Pack 3 | ||
| IBM | Cognos Analytics | Cognos Analytics versions 11.1.x antérieures à 11.1.7 Fix Pack 8 | ||
| IBM | AIX | AIX versions 7.2 et 7.3 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cognos Analytics | Cognos Analytics versions 12.0.x antérieures à 12.0.2 | ||
| IBM | WebSphere | Websphere Liberty versions antérieures à 23.0.0.12 | ||
| IBM | VIOS | VIOS versions 3.1 et 4.1 sans le dernier correctif de sécurité OpenSSH | ||
| IBM | Cloud Pak | Cognos Dashboards on Cloud Pak for Data versions antérieures à 4.8.3 | ||
| IBM | N/A | Cognos Command Center versions antérieures à 10.2.5 IF1 | ||
| IBM | Cognos Transformer | Cognos Transformer versions antérieures à 11.1.7 Fix Pack 8 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 Fix Pack 3",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 11.1.x ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX versions 7.2 et 7.3 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics versions 12.0.x ant\u00e9rieures \u00e0 12.0.2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Websphere Liberty versions ant\u00e9rieures \u00e0 23.0.0.12",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS versions 3.1 et 4.1 sans le dernier correctif de s\u00e9curit\u00e9 OpenSSH",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 4.8.3",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Command Center versions ant\u00e9rieures \u00e0 10.2.5 IF1",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer versions ant\u00e9rieures \u00e0 11.1.7 Fix Pack 8",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0216"
},
{
"name": "CVE-2021-44906",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44906"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-0401",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0401"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2022-21426",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21426"
},
{
"name": "CVE-2021-35586",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35586"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2021-35550",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35550"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38359",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38359"
},
{
"name": "CVE-2021-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3572"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2023-3817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3817"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2022-21299",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21299"
},
{
"name": "CVE-2023-50324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50324"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2020-28458",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28458"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
},
{
"name": "CVE-2022-40897",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40897"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-4203",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4203"
},
{
"name": "CVE-2020-1971",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-1971"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-35559",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35559"
},
{
"name": "CVE-2023-0217",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0217"
},
{
"name": "CVE-2021-43138",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43138"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-35565",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35565"
},
{
"name": "CVE-2023-30589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30589"
},
{
"name": "CVE-2021-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23445"
},
{
"name": "CVE-2021-35603",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35603"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2021-3449",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3449"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-32344",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32344"
},
{
"name": "CVE-2023-43051",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43051"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2019-1547",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-1547"
},
{
"name": "CVE-2023-39410",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39410"
},
{
"name": "CVE-2021-35588",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35588"
},
{
"name": "CVE-2021-23839",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23839"
},
{
"name": "CVE-2023-30588",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30588"
},
{
"name": "CVE-2012-5784",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5784"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2021-41035",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41035"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2018-8032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8032"
},
{
"name": "CVE-2022-21434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21434"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2021-35578",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35578"
},
{
"name": "CVE-2021-28167",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-28167"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2021-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31684"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2010-2084",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2084"
},
{
"name": "CVE-2019-0227",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0227"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2022-34357",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34357"
},
{
"name": "CVE-2021-35564",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35564"
},
{
"name": "CVE-2021-23840",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23840"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2014-3596",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3596"
},
{
"name": "CVE-2022-21496",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21496"
},
{
"name": "CVE-2021-35556",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35556"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-26136",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26136"
},
{
"name": "CVE-2022-21443",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21443"
},
{
"name": "CVE-2021-23841",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23841"
},
{
"name": "CVE-2021-35560",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35560"
},
{
"name": "CVE-2023-51384",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51384"
},
{
"name": "CVE-2022-34165",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34165"
},
{
"name": "CVE-2023-30996",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30996"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
}
],
"initial_release_date": "2024-03-01T00:00:00",
"last_revision_date": "2024-03-01T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0180",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112541 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112541"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125640 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125640"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7124466 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7124466"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7112504 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7112504"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7125461 du 28 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7125461"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7123154 du 23 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7123154"
}
]
}
CERTFR-2024-AVI-0113
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, une exécution de code arbitraire à distance et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling File Gateway version 6.1.x antérieures à 6.1.2.4 | ||
| IBM | Sterling | Sterling B2B Integrator version 6.0.x antérieures à 6.0.3.9 | ||
| IBM | MaaS360 | MaaS360 Cloud Extender Agent versions antérieures à 3.000.300.025 | ||
| IBM | MaaS360 | MaaS360 Mobile Enterprise Gateway versions antérieures à 3.000.400 | ||
| IBM | Sterling | Sterling File Gateway version 6.0.x antérieures à 6.0.3.9 | ||
| IBM | QRadar | QRadar Pulse App versions antérieures à 2.2.12 | ||
| IBM | Sterling | Sterling B2B Integrator version 6.1.x antérieures à 6.1.2.4 | ||
| IBM | MaaS360 | MaaS360 VPN versions antérieures à 3.000.400 | ||
| IBM | Sterling | Sterling Transformation Extender versions 10.1.0, 10.1.1, 10.1.2 et 11.0.0 sans le correctif de sécurité APAR PH58718 | ||
| IBM | Sterling Control Center | Sterling Control Center versions antérieures à 6.3.0.0 iFix04 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling File Gateway version 6.1.x ant\u00e9rieures \u00e0 6.1.2.4",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator version 6.0.x ant\u00e9rieures \u00e0 6.0.3.9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 Cloud Extender Agent versions ant\u00e9rieures \u00e0 3.000.300.025",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 Mobile Enterprise Gateway versions ant\u00e9rieures \u00e0 3.000.400",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling File Gateway version 6.0.x ant\u00e9rieures \u00e0 6.0.3.9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Pulse App versions ant\u00e9rieures \u00e0 2.2.12",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling B2B Integrator version 6.1.x ant\u00e9rieures \u00e0 6.1.2.4",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "MaaS360 VPN versions ant\u00e9rieures \u00e0 3.000.400",
"product": {
"name": "MaaS360",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Transformation Extender versions 10.1.0, 10.1.1, 10.1.2 et 11.0.0 sans le correctif de s\u00e9curit\u00e9 APAR PH58718",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions ant\u00e9rieures \u00e0 6.3.0.0 iFix04",
"product": {
"name": "Sterling Control Center",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-46308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
},
{
"name": "CVE-2010-3300",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3300"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-46849",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46849"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-34396",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34396"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-20883",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20883"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2023-34149",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34149"
},
{
"name": "CVE-2016-1000027",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-1000027"
},
{
"name": "CVE-2023-46850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46850"
}
],
"initial_release_date": "2024-02-09T00:00:00",
"last_revision_date": "2024-02-09T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0113",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-09T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer un probl\u00e8me de s\u00e9curit\u00e9 non\nsp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, une ex\u00e9cution de code arbitraire \u00e0 distance et\nun d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116082 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116082"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7115287 du 06 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7115287"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7114777 du 05 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7114777"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116078 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116078"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116073 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116073"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116050 du 07 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116050"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7116376 du 09 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7116376"
}
]
}
CERTFR-2024-AVI-0305
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
- Sterling Connect:Direct pour UNIX versions 6.1.0.x antérieures à 6.1.0.4.iFix104
- Sterling Connect:Direct pour UNIX versions 6.0.0.x antérieures à 6.0.0.2.iFix163
- Sterling Connect:Direct FTP+ versions antérieures à 1.3.0 sans le correctif de sécurité iFix026
- QRadar App SDK versions 2.2.x antérieures à 2.2.1
- QRadar Deployment Intelligence App versions antérieures à 3.0.13
- Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.20.0
- QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF01
- QRadar Suite Software versions 1.10.12.x antérieures à 1.10.20.0
- WebSphere Application Server Liberty versions postérieures à 21.0.0.2 et antérieures à 24.0.0.4
- WebSphere Application Server versions 9.x antérieures à 9.0.5.19
- WebSphere Application Server versions postérieures à 8.5.5.2 antérieures à 8.5.5.26
- Sterling B2B Integrator versions 6.0.x.x à 6.1.x.x antérieures à 6.1.2.5
- Sterling B2B Integrator versions 6.2.x.x antérieures à 6.2.0.1
Se référer aux bulletin de l'éditeur pour les versions des fichiers vulnérables (cf. section Documentation).
Impacted products
| Vendor | Product | Description |
|---|
References
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [],
"affected_systems_content": "\u003cul\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.1.0.x ant\u00e9rieures \u00e0\u00a06.1.0.4.iFix104\u003c/li\u003e \u003cli\u003eSterling Connect:Direct pour UNIX versions 6.0.0.x ant\u00e9rieures \u00e0 6.0.0.2.iFix163\u003c/li\u003e \u003cli\u003eSterling Connect:Direct FTP+ versions ant\u00e9rieures \u00e0 1.3.0 sans le correctif de s\u00e9curit\u00e9 iFix026\u003c/li\u003e \u003cli\u003eQRadar App SDK versions 2.2.x ant\u00e9rieures \u00e0 2.2.1\u003c/li\u003e \u003cli\u003eQRadar Deployment Intelligence App versions ant\u00e9rieures \u00e0 3.0.13\u003c/li\u003e \u003cli\u003eCloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eQRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF01\u003c/li\u003e \u003cli\u003eQRadar Suite Software versions 1.10.12.x ant\u00e9rieures \u00e0 1.10.20.0\u003c/li\u003e \u003cli\u003eWebSphere Application Server Liberty versions post\u00e9rieures \u00e0 21.0.0.2 et ant\u00e9rieures \u00e0 24.0.0.4\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions 9.x ant\u00e9rieures \u00e0 9.0.5.19\u003c/li\u003e \u003cli\u003eWebSphere Application Server versions post\u00e9rieures \u00e0 8.5.5.2 ant\u00e9rieures \u00e0 8.5.5.26\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.0.x.x \u00e0 6.1.x.x ant\u00e9rieures \u00e0 6.1.2.5\u003c/li\u003e \u003cli\u003eSterling B2B Integrator versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.1\u003c/li\u003e \u003c/ul\u003e \u003cp\u003eSe r\u00e9f\u00e9rer aux bulletin de l\u0027\u00e9diteur pour les versions des fichiers vuln\u00e9rables (cf. section Documentation).\u003c/p\u003e ",
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2012-0881",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0881"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2021-22696",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22696"
},
{
"name": "CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2022-46364",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46364"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2022-46363",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46363"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-30468",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-30468"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2023-42794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42794"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2022-41721",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41721"
},
{
"name": "CVE-2022-42920",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42920"
},
{
"name": "CVE-2022-23437",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23437"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-49083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49083"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2023-46589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2024-22234",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22234"
}
],
"initial_release_date": "2024-04-12T00:00:00",
"last_revision_date": "2024-04-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0305",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-04-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, un d\u00e9ni de service \u00e0 distance et une \u00e9l\u00e9vation de\nprivil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147813 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147813"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148062 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148062"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147943 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147943"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147903 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147903"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148094 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148094"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148151 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148151"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148066 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148066"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148158 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148158"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147727 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147727"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148065 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148065"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148068 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148068"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147728 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147728"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147944 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147944"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147726 du 08 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147726"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147923 du 10 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147923"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7147812 du 09 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7147812"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7148063 du 11 avril 2024",
"url": "https://www.ibm.com/support/pages/node/7148063"
}
]
}
CERTFR-2024-AVI-0547
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Tivoli | Tivoli Netcool Impact versions 7.1.0.x antérieures à 7.1.0.34 | ||
| IBM | Cognos Transformer | Cognos Transformer version 11.2.4 sans le correctif FP4 | ||
| IBM | Tivoli | Tivoli Application Dependency Discovery Manager versions 7.3.0.0 à 7.3.0.11 sans le correctif de sécurité efix_WLP_PSIRT_24006_FP11230825.zip | ||
| IBM | Cognos Transformer | Cognos Transformer versions 12.0.x antérieures à 12.0.3 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Tivoli Netcool Impact versions 7.1.0.x ant\u00e9rieures \u00e0 7.1.0.34",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer version 11.2.4 sans le correctif FP4",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli Application Dependency Discovery Manager versions 7.3.0.0 \u00e0 7.3.0.11 sans le correctif de s\u00e9curit\u00e9 efix_WLP_PSIRT_24006_FP11230825.zip",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer versions 12.0.x ant\u00e9rieures \u00e0 12.0.3",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-25026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2024-27268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27268"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-07-05T00:00:00",
"last_revision_date": "2024-07-05T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0547",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-07-05T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159323",
"url": "https://www.ibm.com/support/pages/node/7159323"
},
{
"published_at": "2024-07-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159530",
"url": "https://www.ibm.com/support/pages/node/7159530"
},
{
"published_at": "2024-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159308",
"url": "https://www.ibm.com/support/pages/node/7159308"
},
{
"published_at": "2024-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159172",
"url": "https://www.ibm.com/support/pages/node/7159172"
}
]
}
CERTFR-2024-AVI-0199
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | WebSphere | WebSphere Service Registry and Repository versions 8.5.x antérieures à WSRR V8.5.6.3_IJ40949_IJ45702_IJ48644_IJ48939_IJ48940 | ||
| IBM | WebSphere | WebSphere Service Registry and Repository Studio versions 8.5.x sans le dernier correctif de sécurité V8.5.6.3_IJ50069 | ||
| IBM | Cloud Pak | Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.19.0 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions 1.10.x.x antérieures à 1.10.19.0 | ||
| IBM | Sterling | Sterling External Authentication Server versions antérieures à 6.0.3 sans le correctif de sécurité iFix 10 | ||
| IBM | Sterling | Sterling External Authentication Server versions antérieures à 6.1.0 sans le correctif de sécurité iFix 06 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "WebSphere Service Registry and Repository versions 8.5.x ant\u00e9rieures \u00e0 WSRR V8.5.6.3_IJ40949_IJ45702_IJ48644_IJ48939_IJ48940",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Service Registry and Repository Studio versions 8.5.x sans le dernier correctif de s\u00e9curit\u00e9 V8.5.6.3_IJ50069",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.19.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.19.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 10",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling External Authentication Server versions ant\u00e9rieures \u00e0 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 06",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2018-1099",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1099"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2024-24762",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-24762"
},
{
"name": "CVE-2021-43816",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43816"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-31030",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31030"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2020-15106",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15106"
},
{
"name": "CVE-2022-38749",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38749"
},
{
"name": "CVE-2021-32760",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-32760"
},
{
"name": "CVE-2023-34478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34478"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-25173",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25173"
},
{
"name": "CVE-2023-25153",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25153"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2022-41854",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41854"
},
{
"name": "CVE-2021-21334",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-21334"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2022-38751",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38751"
},
{
"name": "CVE-2022-38752",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38752"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2022-38750",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38750"
},
{
"name": "CVE-2022-23471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23471"
},
{
"name": "CVE-2024-23829",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23829"
},
{
"name": "CVE-2022-1471",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1471"
},
{
"name": "CVE-2023-47248",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47248"
},
{
"name": "CVE-2018-16886",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-16886"
},
{
"name": "CVE-2022-23648",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23648"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2023-39325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39325"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-22602",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22602"
},
{
"name": "CVE-2021-41103",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41103"
},
{
"name": "CVE-2023-40743",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40743"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2017-16137",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-16137"
},
{
"name": "CVE-2024-23334",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-23334"
}
],
"initial_release_date": "2024-03-08T00:00:00",
"last_revision_date": "2024-03-08T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0199",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-08T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7130806 du 07 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7130806"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7129989 du 06 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7129989"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7129833 du 04 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7129833"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7129327 du 01 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7129327"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7129821 du 04 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7129821"
}
]
}
CERTFR-2024-AVI-0820
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Cognos Transformer | Cognos Transformer version 11.2.4 avec Cognos Analytics versions antérieures à 11.2.4 FP4 | ||
| IBM | Cognos Transformer | Cognos Transformer version 12.0.0 avec Cognos Analytics versions antérieures à 12.0.3 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Cognos Transformer version 11.2.4 avec Cognos Analytics versions ant\u00e9rieures \u00e0 11.2.4 FP4 ",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Transformer version 12.0.0 avec Cognos Analytics versions ant\u00e9rieures \u00e0 12.0.3",
"product": {
"name": "Cognos Transformer",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-09-27T00:00:00",
"last_revision_date": "2024-09-27T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0820",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-09-27T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s IBM Cognos Transformer",
"vendor_advisories": [
{
"published_at": "2024-09-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7159172",
"url": "https://www.ibm.com/support/pages/node/7159172"
}
]
}
CERTFR-2024-AVI-0692
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar | Security QRadar EDR versions 3.12.x antérieures à 3.12.10 | ||
| IBM | WebSphere | IBM WebSphere Application Server version 9.0 avec Java Technology Edition versions antérieures à 8 Service Refresh 8 FP30 | ||
| IBM | Db2 | Db2 Big SQL on Cloud Pak for Data versions 7.2.x à 7.5.x antérieures à 7.5.3 | ||
| IBM | Db2 | Db2 versions 11.5.x sans le dernier correctif de sécurité | ||
| IBM | AIX | AIX version 7.3 avec un version de Python 3.9 antérieure à 3.9.19.2 | ||
| IBM | QRadar SIEM | QRadar Suite versions 1.10.x antérieures à 1.10.24.0 | ||
| IBM | VIOS | VIOS version 4.1 avec un version de Python 3.9 antérieure à 3.9.19.2 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 8.5.x antérieures à 8.5.5.11 ou sans le correctif de sécurité temporaire PH62458 | ||
| IBM | Sterling Connect:Direct | Sterling Control Center versions 6.2.x antérieures à 6.2.1.0 GA iFix13 | ||
| IBM | Sterling Connect:Direct | Sterling Control Center versions 6.3.x antérieures à 6.3.1.0 GA iFix02 | ||
| IBM | Cognos Analytics | Cognos Dashboards on Cloud Pak for Data versions antérieures à 5.0.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Security QRadar EDR versions 3.12.x ant\u00e9rieures \u00e0 3.12.10",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server version 9.0 avec Java Technology Edition versions ant\u00e9rieures \u00e0 8 Service Refresh 8 FP30",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 Big SQL on Cloud Pak for Data versions 7.2.x \u00e0 7.5.x ant\u00e9rieures \u00e0 7.5.3",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 11.5.x sans le dernier correctif de s\u00e9curit\u00e9 ",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.3 avec un version de Python 3.9 ant\u00e9rieure \u00e0 3.9.19.2",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite versions 1.10.x ant\u00e9rieures \u00e0 1.10.24.0",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 4.1 avec un version de Python 3.9 ant\u00e9rieure \u00e0 3.9.19.2",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 8.5.x ant\u00e9rieures \u00e0 8.5.5.11 ou sans le correctif de s\u00e9curit\u00e9 temporaire PH62458",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.2.x ant\u00e9rieures \u00e0 6.2.1.0 GA iFix13",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Control Center versions 6.3.x ant\u00e9rieures \u00e0 6.3.1.0 GA iFix02",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Dashboards on Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.0.0",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2024-29041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29041"
},
{
"name": "CVE-2024-37891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37891"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2023-23613",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23613"
},
{
"name": "CVE-2024-33602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33602"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-39008",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39008"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-22353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
},
{
"name": "CVE-2023-29256",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29256"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2023-30431",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30431"
},
{
"name": "CVE-2023-32067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32067"
},
{
"name": "CVE-2024-25024",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25024"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-22025",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22025"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-35012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35012"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-30443",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30443"
},
{
"name": "CVE-2024-29415",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29415"
},
{
"name": "CVE-2023-27869",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27869"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2024-33600",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33600"
},
{
"name": "CVE-2023-30446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30446"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-46809",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46809"
},
{
"name": "CVE-2024-33599",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33599"
},
{
"name": "CVE-2024-25629",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25629"
},
{
"name": "CVE-2023-27868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27868"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-37168",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37168"
},
{
"name": "CVE-2024-28176",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28176"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-41917",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41917"
},
{
"name": "CVE-2024-22019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22019"
},
{
"name": "CVE-2024-22233",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22233"
},
{
"name": "CVE-2023-30445",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30445"
},
{
"name": "CVE-2023-30447",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30447"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2023-30442",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30442"
},
{
"name": "CVE-2024-27983",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27983"
},
{
"name": "CVE-2024-30261",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30261"
},
{
"name": "CVE-2023-27867",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27867"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2024-21892",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21892"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-27982",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27982"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-33601",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33601"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-30448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30448"
},
{
"name": "CVE-2024-25062",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25062"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2023-27558",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27558"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-30449",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30449"
},
{
"name": "CVE-2023-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2004"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36046"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2024-30260",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30260"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-23487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23487"
},
{
"name": "CVE-2024-3651",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-3651"
},
{
"name": "CVE-2024-34064",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-34064"
},
{
"name": "CVE-2023-31130",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31130"
},
{
"name": "CVE-2023-42282",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42282"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-28799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28799"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2024-2961",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-2961"
},
{
"name": "CVE-2024-27267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
},
{
"name": "CVE-2024-28182",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28182"
},
{
"name": "CVE-2023-6597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6597"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2023-23612",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23612"
},
{
"name": "CVE-2024-6345",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-6345"
}
],
"initial_release_date": "2024-08-16T00:00:00",
"last_revision_date": "2024-08-16T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0692",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-08-16T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-08-11",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165247",
"url": "https://www.ibm.com/support/pages/node/7165247"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165360",
"url": "https://www.ibm.com/support/pages/node/7165360"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165340",
"url": "https://www.ibm.com/support/pages/node/7165340"
},
{
"published_at": "2024-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165344",
"url": "https://www.ibm.com/support/pages/node/7165344"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165423",
"url": "https://www.ibm.com/support/pages/node/7165423"
},
{
"published_at": "2024-08-12",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165284",
"url": "https://www.ibm.com/support/pages/node/7165284"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165362",
"url": "https://www.ibm.com/support/pages/node/7165362"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165364",
"url": "https://www.ibm.com/support/pages/node/7165364"
},
{
"published_at": "2024-08-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165363",
"url": "https://www.ibm.com/support/pages/node/7165363"
},
{
"published_at": "2024-08-14",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165488",
"url": "https://www.ibm.com/support/pages/node/7165488"
},
{
"published_at": "2024-08-16",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7165685",
"url": "https://www.ibm.com/support/pages/node/7165685"
}
]
}
CERTFR-2024-AVI-0385
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services (Certified Container) toutes versions sans le dernier correctif de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.2.x antérieures à 6.2.0.23 | ||
| IBM | N/A | AIX et VIOS sans le dernier correctif de sécurité | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions antérieures à 6.1.0.24 | ||
| IBM | QRadar | SOAR QRadar Plugin App versions antérieures à 5.4.0 | ||
| IBM | Sterling Connect:Direct | Sterling Connect:Direct Web Services versions 6.3.x antérieures à 6.3.0.7 | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP8 IF02 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Sterling Connect:Direct Web Services (Certified Container) toutes versions sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.2.x ant\u00e9rieures \u00e0 6.2.0.23",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX et VIOS sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions ant\u00e9rieures \u00e0 6.1.0.24",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "SOAR QRadar Plugin App versions ant\u00e9rieures \u00e0 5.4.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect:Direct Web Services versions 6.3.x ant\u00e9rieures \u00e0 6.3.0.7",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP8 IF02",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-29483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29483"
},
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2023-6681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2024-27273",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27273"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-51043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51043"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2023-5178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2020-10001",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10001"
},
{
"name": "CVE-2024-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
},
{
"name": "CVE-2021-33503",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33503"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2023-50782",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50782"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2024-28102",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28102"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45862"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2020-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3898"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2018-20060",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-20060"
},
{
"name": "CVE-2023-25193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25193"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-6817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2024-27269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27269"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2018-19787",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19787"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2024-1488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
},
{
"name": "CVE-2024-22195",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22195"
},
{
"name": "CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"name": "CVE-2023-44794",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44794"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2023-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32324"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2014-3146",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3146"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2019-9740",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-9740"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2024-26130",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26130"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"name": "CVE-2023-34241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34241"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2020-26137",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-26137"
},
{
"name": "CVE-2019-11324",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11324"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-2004",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2004"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
},
{
"name": "CVE-2019-11236",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-11236"
},
{
"name": "CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2021-33631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
},
{
"name": "CVE-2023-50387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
},
{
"name": "CVE-2024-0985",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0985"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-6546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
},
{
"name": "CVE-2023-7192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
},
{
"name": "CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2024-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-51042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51042"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2020-27783",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2021-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43818"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"name": "CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"name": "CVE-2023-6931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
}
],
"initial_release_date": "2024-05-10T00:00:00",
"last_revision_date": "2024-05-10T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0385",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-05-10T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0\ndistance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150297 du 06 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150297"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150684 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150684"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150803 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150803"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150277 du 05 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150277"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150196 du 03 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150196"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150798 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150798"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150804 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150804"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150799 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150799"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150276 du 05 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150276"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150802 du 09 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150802"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7150362 du 07 mai 2024",
"url": "https://www.ibm.com/support/pages/node/7150362"
}
]
}
CERTFR-2024-AVI-0959
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits NetApp. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| NetApp | OnCommand Insight | OnCommand Insight versions antérieures à 7.3.16 | ||
| NetApp | StorageGRID | StorageGRID (anciennement StorageGRID Webscale) versions antérieures à 11.9.0 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "OnCommand Insight versions ant\u00e9rieures \u00e0 7.3.16",
"product": {
"name": "OnCommand Insight",
"vendor": {
"name": "NetApp",
"scada": false
}
}
},
{
"description": "StorageGRID (anciennement StorageGRID Webscale) versions ant\u00e9rieures \u00e0 11.9.0",
"product": {
"name": "StorageGRID",
"vendor": {
"name": "NetApp",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2017-20189",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-20189"
},
{
"name": "CVE-2010-4756",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4756"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2024-21994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21994"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-25041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25041"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2023-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46750"
},
{
"name": "CVE-2023-46749",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46749"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2023-37466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37466"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2023-37903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37903"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2021-20086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20086"
},
{
"name": "CVE-2017-20162",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-20162"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2018-9466",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9466"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2024-25053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25053"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2021-3377",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3377"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-11-12T00:00:00",
"last_revision_date": "2024-11-12T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0959",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-11-12T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits NetApp. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits NetApp",
"vendor_advisories": [
{
"published_at": "2024-11-08",
"title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20241108-0001",
"url": "https://security.netapp.com/advisory/ntap-20241108-0001/"
},
{
"published_at": "2024-11-08",
"title": "Bulletin de s\u00e9curit\u00e9 NetApp NTAP-20241108-0002",
"url": "https://security.netapp.com/advisory/ntap-20241108-0002/"
}
]
}
CERTFR-2024-AVI-1051
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | VIOS | VIOS version 3.1 sans le correctif invscout_fix7.tar | ||
| IBM | AIX | AIX version 7.3 sans le correctif invscout_fix7.tar | ||
| IBM | Cognos Controller | Cognos Controller versions 11.0.x antérieures à 11.0.1 FP3 | ||
| IBM | AIX | AIX version 7.2 sans le correctif invscout_fix7.tar | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.2.x antérieures à 6.2.2.2 | ||
| IBM | QRadar Use Case Manager App | QRadar Use Case Manager App versions antérieures à 4.0.0 | ||
| IBM | Sterling Partner Engagement Manager Essentials Edition | Sterling Partner Engagement Manager Essentials Edition versions 6.1.x antérieures à 6.1.2.10 | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.1.x antérieures à 6.1.2.10 | ||
| IBM | VIOS | VIOS version 4.1 sans le correctif invscout_fix7.tar | ||
| IBM | Sterling Partner Engagement Manager Standard Edition | Sterling Partner Engagement Manager Standard Edition versions 6.2.x antérieures à 6.2.3.2 |
References
| Title | Publication Time | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VIOS version 3.1 sans le correctif invscout_fix7.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.3 sans le correctif invscout_fix7.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Controller versions 11.0.x ant\u00e9rieures \u00e0 11.0.1 FP3",
"product": {
"name": "Cognos Controller",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "AIX version 7.2 sans le correctif invscout_fix7.tar",
"product": {
"name": "AIX",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.2.x ant\u00e9rieures \u00e0 6.2.2.2",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 4.0.0",
"product": {
"name": "QRadar Use Case Manager App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Essentials Edition versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.10",
"product": {
"name": "Sterling Partner Engagement Manager Essentials Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.1.x ant\u00e9rieures \u00e0 6.1.2.10",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "VIOS version 4.1 sans le correctif invscout_fix7.tar",
"product": {
"name": "VIOS",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager Standard Edition versions 6.2.x ant\u00e9rieures \u00e0 6.2.3.2",
"product": {
"name": "Sterling Partner Engagement Manager Standard Edition",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-7104",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7104"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21843",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21843"
},
{
"name": "CVE-2024-47115",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47115"
},
{
"name": "CVE-2021-29425",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29425"
},
{
"name": "CVE-2022-32213",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32213"
},
{
"name": "CVE-2021-22959",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22959"
},
{
"name": "CVE-2023-38264",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38264"
},
{
"name": "CVE-2024-25020",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25020"
},
{
"name": "CVE-2024-28849",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28849"
},
{
"name": "CVE-2022-35256",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35256"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-22353",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22353"
},
{
"name": "CVE-2024-41777",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41777"
},
{
"name": "CVE-2024-21890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21890"
},
{
"name": "CVE-2024-21896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21896"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2021-36690",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36690"
},
{
"name": "CVE-2023-21830",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21830"
},
{
"name": "CVE-2021-22940",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22940"
},
{
"name": "CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"name": "CVE-2023-50312",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50312"
},
{
"name": "CVE-2021-22930",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22930"
},
{
"name": "CVE-2024-25035",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25035"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-38737",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38737"
},
{
"name": "CVE-2023-24807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24807"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2024-29857",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-29857"
},
{
"name": "CVE-2021-22918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22918"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2021-23337",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23337"
},
{
"name": "CVE-2024-25026",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25026"
},
{
"name": "CVE-2021-22939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22939"
},
{
"name": "CVE-2021-44532",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44532"
},
{
"name": "CVE-2024-26308",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26308"
},
{
"name": "CVE-2022-0155",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0155"
},
{
"name": "CVE-2021-22960",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22960"
},
{
"name": "CVE-2024-41776",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41776"
},
{
"name": "CVE-2024-30172",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30172"
},
{
"name": "CVE-2024-25019",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25019"
},
{
"name": "CVE-2022-32222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32222"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-32212",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32212"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2024-21011",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21011"
},
{
"name": "CVE-2024-22329",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22329"
},
{
"name": "CVE-2021-22921",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22921"
},
{
"name": "CVE-2022-0536",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0536"
},
{
"name": "CVE-2024-25710",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25710"
},
{
"name": "CVE-2021-29892",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29892"
},
{
"name": "CVE-2024-45676",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45676"
},
{
"name": "CVE-2023-49735",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49735"
},
{
"name": "CVE-2024-40691",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40691"
},
{
"name": "CVE-2024-21094",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21094"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2024-27268",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27268"
},
{
"name": "CVE-2022-32215",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32215"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2024-41775",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-41775"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"name": "CVE-2020-28500",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28500"
},
{
"name": "CVE-2021-22931",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22931"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2021-44533",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44533"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2022-35737",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35737"
},
{
"name": "CVE-2024-28863",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28863"
},
{
"name": "CVE-2020-8203",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8203"
},
{
"name": "CVE-2022-25857",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25857"
},
{
"name": "CVE-2024-27270",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27270"
},
{
"name": "CVE-2024-21891",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21891"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2022-32214",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32214"
},
{
"name": "CVE-2024-39338",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-39338"
},
{
"name": "CVE-2024-30171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-30171"
},
{
"name": "CVE-2022-21824",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-21824"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2024-22017",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22017"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2022-35255",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35255"
},
{
"name": "CVE-2024-25036",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25036"
},
{
"name": "CVE-2024-21085",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21085"
},
{
"name": "CVE-2021-44531",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44531"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2024-22354",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22354"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-32223",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32223"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-12-06T00:00:00",
"last_revision_date": "2024-12-06T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-1051",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-12-06T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178033",
"url": "https://www.ibm.com/support/pages/node/7178033"
},
{
"published_at": "2024-12-06",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7178054",
"url": "https://www.ibm.com/support/pages/node/7178054"
},
{
"published_at": "2024-12-02",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177220",
"url": "https://www.ibm.com/support/pages/node/7177220"
},
{
"published_at": "2024-12-05",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7177981",
"url": "https://www.ibm.com/support/pages/node/7177981"
}
]
}
CERTFR-2024-AVI-0173
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Juniper Secure Analytics . Certaines d'entre elles permettent à un attaquant de provoquer un problème de sécurité non spécifié par l'éditeur, un déni de service à distance et un contournement de la politique de sécurité.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Juniper Secure Analytics versions antérieures à 7.5.0 UP7 IF05 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP7 IF05",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
}
],
"initial_release_date": "2024-02-29T00:00:00",
"last_revision_date": "2024-02-29T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0173",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-29T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Juniper Secure\nAnalytics . Certaines d\u0027entre elles permettent \u00e0 un attaquant de\nprovoquer un probl\u00e8me de s\u00e9curit\u00e9 non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur, un d\u00e9ni de\nservice \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper du 29 f\u00e9vrier 2024",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP7-IF05?language=en_US"
}
]
}
CERTFR-2025-AVI-0651
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 14.10.x sans le dernier correctif de sécurité | ||
| IBM | Db2 | Db2 versions 12.1.x antérieures à 12.1.2 | ||
| IBM | QRadar | QRadar Investigation Assistant versions 1.x antérieures à 1.1.0 | ||
| IBM | Informix Dynamic Server | Informix Dynamic Server versions 12.10.x sans le dernier correctif de sécurité | ||
| IBM | Cognos Analytics | Cognos Analytics 12.1.x antérieures à 12.1.0 IF2 | ||
| IBM | WebSphere | WebSphere Hybrid Edition version 5.1 sans les correctifs de sécurité PH67120 et PH67183 | ||
| IBM | Db2 | Db2 versions 11.1.x antérieures à 11.1.4 FP7 sans le dernier correctif de sécurité temporaire | ||
| IBM | Tivoli | Tivoli System Automation Application Manager 4.1 sans le correctif de sécurité pour WebSphere Application Server 9.0 | ||
| IBM | Cognos Analytics | Cognos Analytics 11.2.x antérieures à 11.2.4 FP6 | ||
| IBM | Db2 | Db2 versions 11.5.x antérieures à 11.5.9 sans le dernier correctif de sécurité temporaire | ||
| IBM | Cognos Analytics | Cognos Analytics 12.0.x antérieures à 12.0.4 FP1 | ||
| IBM | Db2 | Db2 versions 10.5.x antérieures à 10.5 FP11 sans le dernier correctif de sécurité temporaire |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Informix Dynamic Server versions 14.10.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 12.1.x ant\u00e9rieures \u00e0 12.1.2",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Investigation Assistant versions 1.x ant\u00e9rieures \u00e0 1.1.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Informix Dynamic Server versions 12.10.x sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Informix Dynamic Server",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics\t12.1.x ant\u00e9rieures \u00e0 12.1.0 IF2",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Hybrid Edition version 5.1 sans les correctifs de s\u00e9curit\u00e9 PH67120 et PH67183",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 11.1.x ant\u00e9rieures \u00e0 11.1.4 FP7 sans le dernier correctif de s\u00e9curit\u00e9 temporaire",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Tivoli System Automation Application Manager 4.1 sans le correctif de s\u00e9curit\u00e9 pour WebSphere Application Server 9.0",
"product": {
"name": "Tivoli",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics\t11.2.x ant\u00e9rieures \u00e0 11.2.4 FP6",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 11.5.x ant\u00e9rieures \u00e0 11.5.9 sans le dernier correctif de s\u00e9curit\u00e9 temporaire",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Cognos Analytics\t12.0.x ant\u00e9rieures \u00e0 12.0.4 FP1",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Db2 versions 10.5.x ant\u00e9rieures \u00e0 10.5 FP11 sans le dernier correctif de s\u00e9curit\u00e9 temporaire",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-0755",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-0755"
},
{
"name": "CVE-2024-21144",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21144"
},
{
"name": "CVE-2024-49342",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49342"
},
{
"name": "CVE-2024-45492",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45492"
},
{
"name": "CVE-2025-30472",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30472"
},
{
"name": "CVE-2025-24970",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24970"
},
{
"name": "CVE-2025-33092",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-33092"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2025-36097",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-36097"
},
{
"name": "CVE-2024-45490",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45490"
},
{
"name": "CVE-2024-45491",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45491"
},
{
"name": "CVE-2025-50182",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50182"
},
{
"name": "CVE-2025-50181",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50181"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2024-21147",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21147"
},
{
"name": "CVE-2024-21140",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21140"
},
{
"name": "CVE-2024-49343",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49343"
},
{
"name": "CVE-2025-47278",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-47278"
},
{
"name": "CVE-2024-21138",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21138"
},
{
"name": "CVE-2024-47081",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47081"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-21145",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21145"
},
{
"name": "CVE-2024-50602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50602"
},
{
"name": "CVE-2025-5889",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-5889"
},
{
"name": "CVE-2025-27607",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27607"
},
{
"name": "CVE-2025-48387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-48387"
},
{
"name": "CVE-2024-21131",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21131"
},
{
"name": "CVE-2024-27267",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27267"
}
],
"initial_release_date": "2025-08-01T00:00:00",
"last_revision_date": "2025-08-01T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0651",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-01T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240941",
"url": "https://www.ibm.com/support/pages/node/7240941"
},
{
"published_at": "2025-07-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240649",
"url": "https://www.ibm.com/support/pages/node/7240649"
},
{
"published_at": "2025-07-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240898",
"url": "https://www.ibm.com/support/pages/node/7240898"
},
{
"published_at": "2025-07-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240775",
"url": "https://www.ibm.com/support/pages/node/7240775"
},
{
"published_at": "2025-07-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240798",
"url": "https://www.ibm.com/support/pages/node/7240798"
},
{
"published_at": "2025-07-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7239462",
"url": "https://www.ibm.com/support/pages/node/7239462"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240952",
"url": "https://www.ibm.com/support/pages/node/7240952"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240940",
"url": "https://www.ibm.com/support/pages/node/7240940"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240946",
"url": "https://www.ibm.com/support/pages/node/7240946"
},
{
"published_at": "2025-07-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240777",
"url": "https://www.ibm.com/support/pages/node/7240777"
},
{
"published_at": "2025-07-28",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240899",
"url": "https://www.ibm.com/support/pages/node/7240899"
},
{
"published_at": "2025-07-29",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7240977",
"url": "https://www.ibm.com/support/pages/node/7240977"
}
]
}
CERTFR-2024-AVI-0228
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x antérieures à 6.3.0.2_iFix012 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.1.0 sans le correctif de sécurité iFix 03 | ||
| IBM | Sterling | Sterling Secure Proxy versions 6.0.3 sans le correctif de sécurité iFix 11 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.2.x antérieures à 6.2.2.2 sans le dernier correctif de sécurité | ||
| IBM | QRadar SIEM | QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF06 | ||
| IBM | Sterling | Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x antérieures à 6.2.0.6_iFix012 | ||
| IBM | Db2 | IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de sécurité SI85982 et SI85987 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.2.0.x antérieures à 6.2.0.7 sans le dernier correctif de sécurité | ||
| IBM | Sterling | Sterling Connect - Direct File Agent versions 1.4.0.x antérieures à 1.4.0.3_iFix004 | ||
| IBM | Sterling | Sterling Partner Engagement Manager versions 6.1.2.x antérieures à 6.1.2.9 sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | ||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.3.0.x ant\u00e9rieures \u00e0 6.3.0.2_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.1.0 sans le correctif de s\u00e9curit\u00e9 iFix 03",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Secure Proxy versions 6.0.3 sans le correctif de s\u00e9curit\u00e9 iFix 11",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.2.x ant\u00e9rieures \u00e0 6.2.2.2 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF06",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct pour Microsoft Windows versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.6_iFix012",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 Web Query pour i version 2.4.0 sans les correctifs de s\u00e9curit\u00e9 SI85982 et SI85987",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.2.0.x ant\u00e9rieures \u00e0 6.2.0.7 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Connect - Direct File Agent versions 1.4.0.x ant\u00e9rieures \u00e0 1.4.0.3_iFix004",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "Sterling Partner Engagement Manager versions 6.1.2.x ant\u00e9rieures \u00e0 6.1.2.9 sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "Sterling",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2022-45688",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45688"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2023-47699",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47699"
},
{
"name": "CVE-2023-46179",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46179"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-46182",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46182"
},
{
"name": "CVE-2023-34454",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34454"
},
{
"name": "CVE-2022-46337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46337"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-47147",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47147"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-34453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34453"
},
{
"name": "CVE-2022-41678",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41678"
},
{
"name": "CVE-2023-5072",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5072"
},
{
"name": "CVE-2018-8088",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-8088"
},
{
"name": "CVE-2023-34034",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34034"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2022-40609",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40609"
},
{
"name": "CVE-2023-34455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34455"
},
{
"name": "CVE-2023-36478",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36478"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-52428",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52428"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-39685",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39685"
},
{
"name": "CVE-2023-47162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47162"
},
{
"name": "CVE-2023-40167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40167"
},
{
"name": "CVE-2023-41900",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-41900"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2022-34169",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-34169"
},
{
"name": "CVE-2023-22045",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22045"
},
{
"name": "CVE-2023-22049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22049"
},
{
"name": "CVE-2023-36479",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36479"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-46604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46604"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2023-45177",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45177"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2023-38039",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38039"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2022-24839",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24839"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2023-46181",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46181"
}
],
"initial_release_date": "2024-03-15T00:00:00",
"last_revision_date": "2024-03-15T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0228",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-03-15T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire\n\u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une\natteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142007 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142007"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142038 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142038"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138527 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138527"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138509 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138509"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7140420 du 13 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7140420"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138477 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138477"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142032 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142032"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138522 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138522"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137248 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137248"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7137258 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7137258"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7138503 du 12 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7138503"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7142006 du 14 mars 2024",
"url": "https://www.ibm.com/support/pages/node/7142006"
}
]
}
CERTFR-2024-AVI-0145
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une exécution de code arbitraire à distance et une élévation de privilèges.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | Db2 | IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2 | ||
| IBM | QRadar Suite Software | QRadar Suite Software versions 1.10.x.x antérieures à 1.10.18.0 | ||
| IBM | N/A | IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions antérieures à v4.8.2 | ||
| IBM | QRadar SIEM | IBM QRadar SIEM versions 7.5.x antérieures à 7.5.0 UP7 IF05 | ||
| IBM | QRadar | IBM QRadar Use Case Manager App versions antérieures à 3.9.0 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | WebSphere | IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.1.x.x antérieures à 6.1.0.23 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.3.x.x antérieures à 6.3.0.6 | ||
| IBM | Sterling Connect:Direct | IBM Sterling Connect:Direct Web Services versions 6.2.x.x antérieures à 6.2.0.22 | ||
| IBM | Db2 | IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de sécurité Fixpack cumulatif Db2 | ||
| IBM | Cloud Pak | IBM Cloud Pak for Security versions 1.10.x.x antérieures à 1.10.18.0 | ||
| IBM | Spectrum | IBM Spectrum Scale versions 5.1.x.x antérieures à 5.1.2.15 | ||
| IBM | WebSphere | IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20 | ||
| IBM | QRadar WinCollect Agent | IBM QRadar WinCollect Agent versions 10.0.x antérieures à 10.1.9 | ||
| IBM | Spectrum | IBM Spectrum Scale versions 5.1.3.x antérieures à 5.1.9.2 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM Cloud APM, Advanced Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "QRadar Suite Software versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
"product": {
"name": "QRadar Suite Software",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Db2 sur Cloud Pak pour Data et Db2 Warehouse sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 v4.8.2",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar SIEM versions 7.5.x ant\u00e9rieures \u00e0 7.5.0 UP7 IF05",
"product": {
"name": "QRadar SIEM",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar Use Case Manager App versions ant\u00e9rieures \u00e0 3.9.0",
"product": {
"name": "QRadar",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 8.5.x.x sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server Liberty sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.1.x.x ant\u00e9rieures \u00e0 6.1.0.23",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.3.x.x ant\u00e9rieures \u00e0 6.3.0.6",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Sterling Connect:Direct Web Services versions 6.2.x.x ant\u00e9rieures \u00e0 6.2.0.22",
"product": {
"name": "Sterling Connect:Direct",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cloud APM, Base Private versions 8.1.4 sans le dernier correctif de s\u00e9curit\u00e9 Fixpack cumulatif Db2",
"product": {
"name": "Db2",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cloud Pak for Security versions 1.10.x.x ant\u00e9rieures \u00e0 1.10.18.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 5.1.x.x ant\u00e9rieures \u00e0 5.1.2.15",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Application Server versions 9.x sans le SDK version 8 Service Refresh 8 FP20",
"product": {
"name": "WebSphere",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM QRadar WinCollect Agent versions 10.0.x ant\u00e9rieures \u00e0 10.1.9",
"product": {
"name": "QRadar WinCollect Agent",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Spectrum Scale versions 5.1.3.x ant\u00e9rieures \u00e0 5.1.9.2",
"product": {
"name": "Spectrum",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-8385",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8385"
},
{
"name": "CVE-2015-8388",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8388"
},
{
"name": "CVE-2015-8392",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8392"
},
{
"name": "CVE-2015-2327",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2327"
},
{
"name": "CVE-2015-8394",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8394"
},
{
"name": "CVE-2015-8395",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8395"
},
{
"name": "CVE-2015-8387",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8387"
},
{
"name": "CVE-2015-8391",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8391"
},
{
"name": "CVE-2015-8383",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8383"
},
{
"name": "CVE-2015-8390",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8390"
},
{
"name": "CVE-2015-8381",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8381"
},
{
"name": "CVE-2015-8386",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8386"
},
{
"name": "CVE-2015-2328",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-2328"
},
{
"name": "CVE-2020-14155",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14155"
},
{
"name": "CVE-2021-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-31525"
},
{
"name": "CVE-2021-3712",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3712"
},
{
"name": "CVE-2021-3711",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3711"
},
{
"name": "CVE-2021-22926",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22926"
},
{
"name": "CVE-2021-22947",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22947"
},
{
"name": "CVE-2021-22946",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22946"
},
{
"name": "CVE-2021-36221",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36221"
},
{
"name": "CVE-2021-29923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-29923"
},
{
"name": "CVE-2021-33197",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33197"
},
{
"name": "CVE-2021-34558",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-34558"
},
{
"name": "CVE-2021-33195",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33195"
},
{
"name": "CVE-2021-4160",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4160"
},
{
"name": "CVE-2021-44716",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-44716"
},
{
"name": "CVE-2021-41772",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41772"
},
{
"name": "CVE-2021-41771",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41771"
},
{
"name": "CVE-2022-3602",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3602"
},
{
"name": "CVE-2022-37434",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-37434"
},
{
"name": "CVE-2022-30633",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30633"
},
{
"name": "CVE-2022-1705",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1705"
},
{
"name": "CVE-2022-27664",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27664"
},
{
"name": "CVE-2022-28131",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28131"
},
{
"name": "CVE-2022-32148",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32148"
},
{
"name": "CVE-2022-32189",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32189"
},
{
"name": "CVE-2022-1962",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1962"
},
{
"name": "CVE-2022-30635",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30635"
},
{
"name": "CVE-2022-32149",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32149"
},
{
"name": "CVE-2022-30631",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30631"
},
{
"name": "CVE-2022-30632",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30632"
},
{
"name": "CVE-2022-30630",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30630"
},
{
"name": "CVE-2022-3786",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3786"
},
{
"name": "CVE-2022-3515",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3515"
},
{
"name": "CVE-2022-32206",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32206"
},
{
"name": "CVE-2018-25032",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-25032"
},
{
"name": "CVE-2021-22925",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22925"
},
{
"name": "CVE-2021-22923",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22923"
},
{
"name": "CVE-2021-22922",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-22922"
},
{
"name": "CVE-2022-23773",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23773"
},
{
"name": "CVE-2022-23772",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23772"
},
{
"name": "CVE-2022-23806",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23806"
},
{
"name": "CVE-2022-0778",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0778"
},
{
"name": "CVE-2022-24921",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24921"
},
{
"name": "CVE-2022-1292",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-1292"
},
{
"name": "CVE-2021-39293",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-39293"
},
{
"name": "CVE-2021-33196",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33196"
},
{
"name": "CVE-2022-22576",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-22576"
},
{
"name": "CVE-2022-27776",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27776"
},
{
"name": "CVE-2022-2068",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2068"
},
{
"name": "CVE-2021-27918",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-27918"
},
{
"name": "CVE-2021-41190",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41190"
},
{
"name": "CVE-2021-33194",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33194"
},
{
"name": "CVE-2022-2097",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2097"
},
{
"name": "CVE-2022-28327",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28327"
},
{
"name": "CVE-2022-24675",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24675"
},
{
"name": "CVE-2022-27782",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27782"
},
{
"name": "CVE-2022-32208",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32208"
},
{
"name": "CVE-2022-27781",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-27781"
},
{
"name": "CVE-2022-3171",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3171"
},
{
"name": "CVE-2022-43548",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43548"
},
{
"name": "CVE-2022-32221",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-32221"
},
{
"name": "CVE-2022-35252",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-35252"
},
{
"name": "CVE-2022-43552",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-43552"
},
{
"name": "CVE-2022-4304",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4304"
},
{
"name": "CVE-2023-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0286"
},
{
"name": "CVE-2023-0215",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0215"
},
{
"name": "CVE-2022-4450",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4450"
},
{
"name": "CVE-2022-25881",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25881"
},
{
"name": "CVE-2023-23916",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23916"
},
{
"name": "CVE-2022-29244",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29244"
},
{
"name": "CVE-2022-41717",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41717"
},
{
"name": "CVE-2022-3509",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3509"
},
{
"name": "CVE-2023-0464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0464"
},
{
"name": "CVE-2022-2879",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2879"
},
{
"name": "CVE-2022-41715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41715"
},
{
"name": "CVE-2022-2880",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2880"
},
{
"name": "CVE-2022-41716",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41716"
},
{
"name": "CVE-2023-0466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0466"
},
{
"name": "CVE-2023-0465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0465"
},
{
"name": "CVE-2022-30629",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30629"
},
{
"name": "CVE-2022-41723",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41723"
},
{
"name": "CVE-2022-30580",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-30580"
},
{
"name": "CVE-2022-41725",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41725"
},
{
"name": "CVE-2022-41724",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41724"
},
{
"name": "CVE-2022-24999",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24999"
},
{
"name": "CVE-2023-21937",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21937"
},
{
"name": "CVE-2023-21939",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21939"
},
{
"name": "CVE-2023-21967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21967"
},
{
"name": "CVE-2023-21930",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21930"
},
{
"name": "CVE-2023-23918",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23918"
},
{
"name": "CVE-2023-21968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21968"
},
{
"name": "CVE-2023-21938",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21938"
},
{
"name": "CVE-2023-21954",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-21954"
},
{
"name": "CVE-2020-8244",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-8244"
},
{
"name": "CVE-2023-23920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23920"
},
{
"name": "CVE-2023-23919",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23919"
},
{
"name": "CVE-2023-23936",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23936"
},
{
"name": "CVE-2023-24532",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24532"
},
{
"name": "CVE-2023-24537",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24537"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-2650",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2650"
},
{
"name": "CVE-2023-1370",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1370"
},
{
"name": "CVE-2023-2597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2597"
},
{
"name": "CVE-2023-24536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24536"
},
{
"name": "CVE-2023-24538",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24538"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-28320",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28320"
},
{
"name": "CVE-2023-28321",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28321"
},
{
"name": "CVE-2023-24540",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24540"
},
{
"name": "CVE-2023-29400",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29400"
},
{
"name": "CVE-2023-24539",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24539"
},
{
"name": "CVE-2023-3446",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3446"
},
{
"name": "CVE-2023-28319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28319"
},
{
"name": "CVE-2023-20593",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20593"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-29404",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29404"
},
{
"name": "CVE-2023-29402",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29402"
},
{
"name": "CVE-2023-29403",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29403"
},
{
"name": "CVE-2023-29405",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29405"
},
{
"name": "CVE-2023-3776",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3776"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2021-33198",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33198"
},
{
"name": "CVE-2022-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3510"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2021-38297",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-38297"
},
{
"name": "CVE-2022-25883",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25883"
},
{
"name": "CVE-2023-37920",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37920"
},
{
"name": "CVE-2023-26048",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26048"
},
{
"name": "CVE-2023-26049",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26049"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2023-29409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29409"
},
{
"name": "CVE-2023-29406",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29406"
},
{
"name": "CVE-2023-32681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32681"
},
{
"name": "CVE-2023-44487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44487"
},
{
"name": "CVE-2023-45648",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45648"
},
{
"name": "CVE-2023-42795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42795"
},
{
"name": "CVE-2023-30991",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30991"
},
{
"name": "CVE-2022-48339",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48339"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2023-39976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39976"
},
{
"name": "CVE-2023-38325",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38325"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-38545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38545"
},
{
"name": "CVE-2023-34462",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34462"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-32002",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32002"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2023-5678",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5678"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-44270",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44270"
},
{
"name": "CVE-2020-15586",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-15586"
},
{
"name": "CVE-2020-28362",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28362"
},
{
"name": "CVE-2020-14039",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-14039"
},
{
"name": "CVE-2020-16845",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-16845"
},
{
"name": "CVE-2021-3114",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3114"
},
{
"name": "CVE-2020-24553",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-24553"
},
{
"name": "CVE-2020-28366",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28366"
},
{
"name": "CVE-2020-28367",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28367"
},
{
"name": "CVE-2023-34054",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34054"
},
{
"name": "CVE-2023-34053",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34053"
},
{
"name": "CVE-2023-34055",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34055"
},
{
"name": "CVE-2023-46589",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46589"
},
{
"name": "CVE-2023-43642",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43642"
},
{
"name": "CVE-2002-0059",
"url": "https://www.cve.org/CVERecord?id=CVE-2002-0059"
},
{
"name": "CVE-2023-38003",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38003"
},
{
"name": "CVE-2023-32731",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32731"
},
{
"name": "CVE-2023-45133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45133"
},
{
"name": "CVE-2015-8393",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-8393"
},
{
"name": "CVE-2020-19909",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-19909"
},
{
"name": "CVE-2023-30987",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30987"
},
{
"name": "CVE-2023-38719",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38719"
},
{
"name": "CVE-2023-40374",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40374"
},
{
"name": "CVE-2023-38728",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38728"
},
{
"name": "CVE-2023-38720",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38720"
},
{
"name": "CVE-2023-38740",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38740"
},
{
"name": "CVE-2023-40372",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40372"
},
{
"name": "CVE-2023-40373",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40373"
},
{
"name": "CVE-2023-47145",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47145"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-39323",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39323"
},
{
"name": "CVE-2023-45857",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45857"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-46308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46308"
},
{
"name": "CVE-2023-32006",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32006"
},
{
"name": "CVE-2023-32559",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32559"
},
{
"name": "CVE-2023-24534",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24534"
},
{
"name": "CVE-2023-6129",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6129"
},
{
"name": "CVE-2022-23541",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23541"
},
{
"name": "CVE-2022-36046",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36046"
},
{
"name": "CVE-2023-40692",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40692"
},
{
"name": "CVE-2023-44981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44981"
},
{
"name": "CVE-2023-38727",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38727"
},
{
"name": "CVE-2023-45142",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45142"
},
{
"name": "CVE-2022-48337",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48337"
},
{
"name": "CVE-2023-47627",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47627"
},
{
"name": "CVE-2023-47701",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47701"
},
{
"name": "CVE-2023-49081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49081"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2023-29258",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-29258"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-22190",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22190"
},
{
"name": "CVE-2023-4586",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4586"
},
{
"name": "CVE-2023-43020",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43020"
},
{
"name": "CVE-2023-37276",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37276"
},
{
"name": "CVE-2023-47152",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47152"
},
{
"name": "CVE-2023-49082",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-49082"
},
{
"name": "CVE-2023-46219",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46219"
},
{
"name": "CVE-2023-47141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47141"
},
{
"name": "CVE-2023-39318",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39318"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2023-46167",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46167"
},
{
"name": "CVE-2023-27859",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27859"
},
{
"name": "CVE-2023-47158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47158"
},
{
"name": "CVE-2023-36665",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-36665"
},
{
"name": "CVE-2022-23529",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23529"
},
{
"name": "CVE-2023-40687",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40687"
},
{
"name": "CVE-2022-23539",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23539"
},
{
"name": "CVE-2023-6681",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6681"
},
{
"name": "CVE-2022-23540",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23540"
},
{
"name": "CVE-2023-46234",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46234"
},
{
"name": "CVE-2023-50308",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50308"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2023-45178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45178"
},
{
"name": "CVE-2023-45193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45193"
},
{
"name": "CVE-2023-39319",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39319"
},
{
"name": "CVE-2020-29510",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-29510"
},
{
"name": "CVE-2023-47746",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47746"
},
{
"name": "CVE-2023-34062",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34062"
},
{
"name": "CVE-2023-47747",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-47747"
},
{
"name": "CVE-2024-0727",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0727"
},
{
"name": "CVE-2023-46158",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46158"
},
{
"name": "CVE-2023-26115",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26115"
}
],
"initial_release_date": "2024-02-16T00:00:00",
"last_revision_date": "2024-02-16T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0145",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-02-16T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de requ\u00eates ill\u00e9gitimes par rebond (CSRF)"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans \u003cspan\nclass=\"textit\"\u003eles produits IBM\u003c/span\u003e. Certaines d\u0027entre elles\npermettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, une ex\u00e9cution de code arbitraire \u00e0 distance et une\n\u00e9l\u00e9vation de privil\u00e8ges.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117872 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117872"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118592 du 16 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118592"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117873 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117873"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118289 du 15 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118289"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7118351 du 15 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7118351"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117821 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117821"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117883 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117883"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117881 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117881"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7117884 du 14 f\u00e9vrier 2024",
"url": "https://www.ibm.com/support/pages/node/7117884"
}
]
}
CERTFR-2024-AVI-0506
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Juniper Networks. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | Secure Analytics | Secure Analytics versions antérieures à 7.5.0 UP8 IF03 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Secure Analytics versions ant\u00e9rieures \u00e0 7.5.0 UP8 IF03",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2012-6708",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-6708"
},
{
"name": "CVE-2015-9251",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-9251"
},
{
"name": "CVE-2019-13631",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13631"
},
{
"name": "CVE-2019-13224",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-13224"
},
{
"name": "CVE-2019-15505",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-15505"
},
{
"name": "CVE-2020-25656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-25656"
},
{
"name": "CVE-2019-8696",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8696"
},
{
"name": "CVE-2019-8675",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-8675"
},
{
"name": "CVE-2021-3753",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3753"
},
{
"name": "CVE-2020-27783",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-27783"
},
{
"name": "CVE-2020-7656",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-7656"
},
{
"name": "CVE-2021-4204",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-4204"
},
{
"name": "CVE-2021-43975",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43975"
},
{
"name": "CVE-2022-23222",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-23222"
},
{
"name": "CVE-2022-3565",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3565"
},
{
"name": "CVE-2022-3640",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3640"
},
{
"name": "CVE-2022-3545",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3545"
},
{
"name": "CVE-2022-3594",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3594"
},
{
"name": "CVE-2022-45061",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45061"
},
{
"name": "CVE-2022-26377",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26377"
},
{
"name": "CVE-2022-42895",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-42895"
},
{
"name": "CVE-2022-45869",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45869"
},
{
"name": "CVE-2022-41858",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-41858"
},
{
"name": "CVE-2022-45934",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45934"
},
{
"name": "CVE-2022-28388",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-28388"
},
{
"name": "CVE-2022-0500",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-0500"
},
{
"name": "CVE-2017-7500",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7500"
},
{
"name": "CVE-2011-4969",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4969"
},
{
"name": "CVE-2022-3094",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3094"
},
{
"name": "CVE-2023-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-23455"
},
{
"name": "CVE-2023-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0590"
},
{
"name": "CVE-2022-38096",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38096"
},
{
"name": "CVE-2023-26545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26545"
},
{
"name": "CVE-2023-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25012"
},
{
"name": "CVE-2023-0597",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0597"
},
{
"name": "CVE-2023-1118",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1118"
},
{
"name": "CVE-2023-28328",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28328"
},
{
"name": "CVE-2023-1075",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1075"
},
{
"name": "CVE-2023-1074",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1074"
},
{
"name": "CVE-2023-1073",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1073"
},
{
"name": "CVE-2022-4744",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-4744"
},
{
"name": "CVE-2023-28464",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28464"
},
{
"name": "CVE-2023-1513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1513"
},
{
"name": "CVE-2023-28772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28772"
},
{
"name": "CVE-2023-1382",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1382"
},
{
"name": "CVE-2023-1989",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1989"
},
{
"name": "CVE-2023-1855",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1855"
},
{
"name": "CVE-2023-30456",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-30456"
},
{
"name": "CVE-2023-1079",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1079"
},
{
"name": "CVE-2023-1998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1998"
},
{
"name": "CVE-2023-1838",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1838"
},
{
"name": "CVE-2023-2176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2176"
},
{
"name": "CVE-2023-2162",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2162"
},
{
"name": "CVE-2023-32360",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32360"
},
{
"name": "CVE-2023-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31436"
},
{
"name": "CVE-2023-0458",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-0458"
},
{
"name": "CVE-2023-2513",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2513"
},
{
"name": "CVE-2022-45884",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45884"
},
{
"name": "CVE-2022-45887",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45887"
},
{
"name": "CVE-2023-31084",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31084"
},
{
"name": "CVE-2022-45919",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-45919"
},
{
"name": "CVE-2023-2828",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2828"
},
{
"name": "CVE-2023-33203",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33203"
},
{
"name": "CVE-2023-28322",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28322"
},
{
"name": "CVE-2023-3212",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3212"
},
{
"name": "CVE-2023-3268",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3268"
},
{
"name": "CVE-2023-3141",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3141"
},
{
"name": "CVE-2023-3161",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3161"
},
{
"name": "CVE-2023-35823",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35823"
},
{
"name": "CVE-2023-33951",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33951"
},
{
"name": "CVE-2023-35824",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-35824"
},
{
"name": "CVE-2023-33952",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33952"
},
{
"name": "CVE-2023-34967",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34967"
},
{
"name": "CVE-2023-34966",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34966"
},
{
"name": "CVE-2023-34968",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34968"
},
{
"name": "CVE-2023-3611",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3611"
},
{
"name": "CVE-2023-3609",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3609"
},
{
"name": "CVE-2023-3812",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3812"
},
{
"name": "CVE-2022-40982",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40982"
},
{
"name": "CVE-2023-20569",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-20569"
},
{
"name": "CVE-2023-25775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-25775"
},
{
"name": "CVE-2022-46329",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-46329"
},
{
"name": "CVE-2023-2163",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2163"
},
{
"name": "CVE-2023-2166",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2166"
},
{
"name": "CVE-2023-38409",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38409"
},
{
"name": "CVE-2023-31083",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-31083"
},
{
"name": "CVE-2023-3567",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3567"
},
{
"name": "CVE-2023-4132",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4132"
},
{
"name": "CVE-2023-1206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1206"
},
{
"name": "CVE-2023-40283",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40283"
},
{
"name": "CVE-2023-4128",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4128"
},
{
"name": "CVE-2023-4133",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4133"
},
{
"name": "CVE-2023-4155",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4155"
},
{
"name": "CVE-2023-3772",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3772"
},
{
"name": "CVE-2023-4206",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4206"
},
{
"name": "CVE-2023-4208",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4208"
},
{
"name": "CVE-2023-4622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4622"
},
{
"name": "CVE-2023-4207",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4207"
},
{
"name": "CVE-2022-40133",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-40133"
},
{
"name": "CVE-2022-38457",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-38457"
},
{
"name": "CVE-2022-36402",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-36402"
},
{
"name": "CVE-2023-37453",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37453"
},
{
"name": "CVE-2023-3341",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3341"
},
{
"name": "CVE-2023-1192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1192"
},
{
"name": "CVE-2023-4623",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4623"
},
{
"name": "CVE-2023-42753",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42753"
},
{
"name": "CVE-2023-4091",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4091"
},
{
"name": "CVE-2023-42669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42669"
},
{
"name": "CVE-2023-4921",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4921"
},
{
"name": "CVE-2023-39192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39192"
},
{
"name": "CVE-2023-39193",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39193"
},
{
"name": "CVE-2023-42754",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42754"
},
{
"name": "CVE-2023-39194",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39194"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2023-38546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38546"
},
{
"name": "CVE-2023-42755",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42755"
},
{
"name": "CVE-2023-4244",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4244"
},
{
"name": "CVE-2023-39189",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39189"
},
{
"name": "CVE-2023-5178",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5178"
},
{
"name": "CVE-2023-46813",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46813"
},
{
"name": "CVE-2023-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45862"
},
{
"name": "CVE-2023-1252",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1252"
},
{
"name": "CVE-2023-24023",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24023"
},
{
"name": "CVE-2023-45803",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45803"
},
{
"name": "CVE-2023-43804",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-43804"
},
{
"name": "CVE-2023-4732",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4732"
},
{
"name": "CVE-2023-5633",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5633"
},
{
"name": "CVE-2023-5717",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5717"
},
{
"name": "CVE-2023-45871",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45871"
},
{
"name": "CVE-2023-39198",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39198"
},
{
"name": "CVE-2023-39615",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39615"
},
{
"name": "CVE-2023-26604",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26604"
},
{
"name": "CVE-2021-43618",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43618"
},
{
"name": "CVE-2023-5981",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5981"
},
{
"name": "CVE-2022-48560",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48560"
},
{
"name": "CVE-2023-6176",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6176"
},
{
"name": "CVE-2023-45863",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-45863"
},
{
"name": "CVE-2023-51385",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51385"
},
{
"name": "CVE-2023-48795",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-48795"
},
{
"name": "CVE-2023-6135",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6135"
},
{
"name": "CVE-2023-6931",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6931"
},
{
"name": "CVE-2023-6606",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6606"
},
{
"name": "CVE-2023-6121",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6121"
},
{
"name": "CVE-2023-6546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6546"
},
{
"name": "CVE-2023-51779",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51779"
},
{
"name": "CVE-2023-6622",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6622"
},
{
"name": "CVE-2023-6932",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6932"
},
{
"name": "CVE-2023-6610",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6610"
},
{
"name": "CVE-2023-6817",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6817"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-6536",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6536"
},
{
"name": "CVE-2023-6356",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6356"
},
{
"name": "CVE-2023-6535",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6535"
},
{
"name": "CVE-2023-7192",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-7192"
},
{
"name": "CVE-2024-0646",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0646"
},
{
"name": "CVE-2023-28487",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28487"
},
{
"name": "CVE-2022-26691",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-26691"
},
{
"name": "CVE-2023-28486",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-28486"
},
{
"name": "CVE-2023-50868",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50868"
},
{
"name": "CVE-2023-4408",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4408"
},
{
"name": "CVE-2023-50387",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50387"
},
{
"name": "CVE-2024-0565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0565"
},
{
"name": "CVE-2023-51780",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51780"
},
{
"name": "CVE-2023-51042",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51042"
},
{
"name": "CVE-2023-51043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51043"
},
{
"name": "CVE-2023-6915",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-6915"
},
{
"name": "CVE-2021-33631",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-33631"
},
{
"name": "CVE-2024-1086",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1086"
},
{
"name": "CVE-2023-46218",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46218"
},
{
"name": "CVE-2024-22243",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22243"
},
{
"name": "CVE-2024-22259",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22259"
},
{
"name": "CVE-2023-52448",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52448"
},
{
"name": "CVE-2024-26602",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26602"
},
{
"name": "CVE-2023-5388",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5388"
},
{
"name": "CVE-2023-42465",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-42465"
},
{
"name": "CVE-2023-52340",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52340"
},
{
"name": "CVE-2023-52574",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52574"
},
{
"name": "CVE-2022-2127",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-2127"
},
{
"name": "CVE-2023-27043",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-27043"
},
{
"name": "CVE-2022-48564",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48564"
},
{
"name": "CVE-2023-50961",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50961"
},
{
"name": "CVE-2021-43818",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-43818"
},
{
"name": "CVE-2023-50960",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-50960"
},
{
"name": "CVE-2024-22262",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22262"
},
{
"name": "CVE-2023-52434",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52434"
},
{
"name": "CVE-2017-7501",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-7501"
},
{
"name": "CVE-2021-35939",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35939"
},
{
"name": "CVE-2019-19203",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19203"
},
{
"name": "CVE-2023-1786",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-1786"
},
{
"name": "CVE-2024-0553",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0553"
},
{
"name": "CVE-2021-35938",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35938"
},
{
"name": "CVE-2021-41043",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41043"
},
{
"name": "CVE-2020-28241",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-28241"
},
{
"name": "CVE-2021-35937",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-35937"
},
{
"name": "CVE-2019-19204",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19204"
},
{
"name": "CVE-2019-16163",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-16163"
},
{
"name": "CVE-2019-19012",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-19012"
},
{
"name": "CVE-2024-0841",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-0841"
},
{
"name": "CVE-2024-25742",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25742"
},
{
"name": "CVE-2024-26671",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26671"
},
{
"name": "CVE-2023-52620",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52620"
},
{
"name": "CVE-2024-25743",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25743"
},
{
"name": "CVE-2023-52581",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52581"
},
{
"name": "CVE-2023-52580",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52580"
},
{
"name": "CVE-2024-26609",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-26609"
},
{
"name": "CVE-2023-52489",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52489"
},
{
"name": "CVE-2020-10001",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-10001"
},
{
"name": "CVE-2014-3146",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3146"
},
{
"name": "CVE-2024-1488",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1488"
},
{
"name": "CVE-2018-19787",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-19787"
},
{
"name": "CVE-2024-27269",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27269"
},
{
"name": "CVE-2023-32324",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-32324"
},
{
"name": "CVE-2022-48624",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-48624"
},
{
"name": "CVE-2020-3898",
"url": "https://www.cve.org/CVERecord?id=CVE-2020-3898"
},
{
"name": "CVE-2007-4559",
"url": "https://www.cve.org/CVERecord?id=CVE-2007-4559"
},
{
"name": "CVE-2023-34241",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-34241"
},
{
"name": "CVE-2023-3138",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3138"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2023-3758",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-3758"
},
{
"name": "CVE-2023-40546",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40546"
},
{
"name": "CVE-2023-40547",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40547"
},
{
"name": "CVE-2023-40548",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40548"
},
{
"name": "CVE-2023-40549",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40549"
},
{
"name": "CVE-2023-40550",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40550"
},
{
"name": "CVE-2023-40551",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-40551"
},
{
"name": "CVE-2001-1267",
"url": "https://www.cve.org/CVERecord?id=CVE-2001-1267"
},
{
"name": "CVE-2024-28784",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28784"
}
],
"initial_release_date": "2024-06-19T00:00:00",
"last_revision_date": "2024-06-19T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0506",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-19T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Juniper Networks. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Juniper Secure Analytics",
"vendor_advisories": [
{
"published_at": "2024-06-19",
"title": "Bulletin de s\u00e9curit\u00e9 Juniper Networks JSA82681",
"url": "https://supportportal.juniper.net/s/article/On-Demand-JSA-Series-Multiple-vulnerabilities-resolved-in-Juniper-Secure-Analytics-in-7-5-0-UP8-IF03"
}
]
}
CERTFR-2024-AVI-0529
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | N/A | IBM WebSphere Hybrid Edition version 5.1 sans le dernier correctif de sécurité (APAR PH61504) pour IBM WebSphere Application Server | ||
| IBM | Cloud Pak | IBM Cognos Dashboards sur Cloud Pak for Data versions antérieures à 5.0 | ||
| IBM | N/A | WebSphere Service Registry and Repository version 8.5 sans le dernier correctif de sécurité (APAR PH61504) pour IBM WebSphere Application Server | ||
| IBM | N/A | IBM WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de sécurité (APAR PH61504) pour IBM WebSphere Application Server | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 12.x antérieures à 12.0.3 IF1 | ||
| IBM | Cognos Analytics | IBM Cognos Analytics versions 11.2.x antérieures à 11.2.4 FP4 |
References
| Title | Publication Time | Tags | ||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "IBM WebSphere Hybrid Edition version 5.1 sans le dernier correctif de s\u00e9curit\u00e9 (APAR PH61504) pour IBM WebSphere Application Server",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Dashboards sur Cloud Pak for Data versions ant\u00e9rieures \u00e0 5.0",
"product": {
"name": "Cloud Pak",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "WebSphere Service Registry and Repository version 8.5 sans le dernier correctif de s\u00e9curit\u00e9 (APAR PH61504) pour IBM WebSphere Application Server",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM WebSphere Remote Server versions 9.1, 9.0 et 8.5 sans le dernier correctif de s\u00e9curit\u00e9 (APAR PH61504) pour IBM WebSphere Application Server",
"product": {
"name": "N/A",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 12.x ant\u00e9rieures \u00e0 12.0.3 IF1",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "IBM Cognos Analytics versions 11.2.x ant\u00e9rieures \u00e0 11.2.4 FP4",
"product": {
"name": "Cognos Analytics",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-20919",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20919"
},
{
"name": "CVE-2022-31129",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-31129"
},
{
"name": "CVE-2024-1597",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-1597"
},
{
"name": "CVE-2024-37532",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37532"
},
{
"name": "CVE-2023-52425",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52425"
},
{
"name": "CVE-2017-20189",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-20189"
},
{
"name": "CVE-2010-4756",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4756"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-28757",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28757"
},
{
"name": "CVE-2024-27322",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-27322"
},
{
"name": "CVE-2023-52426",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-52426"
},
{
"name": "CVE-2022-25647",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-25647"
},
{
"name": "CVE-2022-3715",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-3715"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-5363",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5363"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2022-29622",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-29622"
},
{
"name": "CVE-2019-0231",
"url": "https://www.cve.org/CVERecord?id=CVE-2019-0231"
},
{
"name": "CVE-2024-25041",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25041"
},
{
"name": "CVE-2023-38552",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-38552"
},
{
"name": "CVE-2021-23358",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-23358"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2021-41973",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-41973"
},
{
"name": "CVE-2024-21634",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21634"
},
{
"name": "CVE-2023-46750",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46750"
},
{
"name": "CVE-2023-46749",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46749"
},
{
"name": "CVE-2021-36770",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-36770"
},
{
"name": "CVE-2024-28233",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-28233"
},
{
"name": "CVE-2022-24785",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24785"
},
{
"name": "CVE-2023-37466",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37466"
},
{
"name": "CVE-2023-51775",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-51775"
},
{
"name": "CVE-2023-37903",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-37903"
},
{
"name": "CVE-2023-33850",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-33850"
},
{
"name": "CVE-2021-20086",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-20086"
},
{
"name": "CVE-2017-20162",
"url": "https://www.cve.org/CVERecord?id=CVE-2017-20162"
},
{
"name": "CVE-2023-44483",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-44483"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2023-24998",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-24998"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2018-9466",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-9466"
},
{
"name": "CVE-2023-2976",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-2976"
},
{
"name": "CVE-2024-25053",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-25053"
},
{
"name": "CVE-2023-39331",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39331"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2021-3377",
"url": "https://www.cve.org/CVERecord?id=CVE-2021-3377"
},
{
"name": "CVE-2022-24903",
"url": "https://www.cve.org/CVERecord?id=CVE-2022-24903"
},
{
"name": "CVE-2023-39332",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39332"
},
{
"name": "CVE-2023-39333",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-39333"
},
{
"name": "CVE-2023-26159",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-26159"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2024-06-28T00:00:00",
"last_revision_date": "2024-06-28T00:00:00",
"links": [],
"reference": "CERTFR-2024-AVI-0529",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2024-06-28T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2024-06-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7156941",
"url": "https://www.ibm.com/support/pages/node/7156941"
},
{
"published_at": "2024-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7158537",
"url": "https://www.ibm.com/support/pages/node/7158537"
},
{
"published_at": "2024-06-27",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7157712",
"url": "https://www.ibm.com/support/pages/node/7157712"
},
{
"published_at": "2024-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7158652",
"url": "https://www.ibm.com/support/pages/node/7158652"
},
{
"published_at": "2024-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7158539",
"url": "https://www.ibm.com/support/pages/node/7158539"
},
{
"published_at": "2024-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7158762",
"url": "https://www.ibm.com/support/pages/node/7158762"
}
]
}
CERTFR-2025-AVI-0045
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits IBM. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| IBM | QRadar Log Source Management App | QRadar Log Source Management App versions antérieures à 7.0.11 | ||
| IBM | Db2 Query Management Facility | DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la dernière version du JRE |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "QRadar Log Source Management App versions ant\u00e9rieures \u00e0 7.0.11",
"product": {
"name": "QRadar Log Source Management App",
"vendor": {
"name": "IBM",
"scada": false
}
}
},
{
"description": "DB2 Query Management Facility versions 13.1.1 et 13.1.2 sans la derni\u00e8re version du JRE",
"product": {
"name": "Db2 Query Management Facility",
"vendor": {
"name": "IBM",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-42459",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42459"
},
{
"name": "CVE-2024-21536",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21536"
},
{
"name": "CVE-2024-55565",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55565"
},
{
"name": "CVE-2024-43788",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43788"
},
{
"name": "CVE-2024-4068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4068"
},
{
"name": "CVE-2024-20926",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20926"
},
{
"name": "CVE-2024-43799",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43799"
},
{
"name": "CVE-2024-42460",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42460"
},
{
"name": "CVE-2024-22361",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-22361"
},
{
"name": "CVE-2024-20921",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20921"
},
{
"name": "CVE-2023-4807",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-4807"
},
{
"name": "CVE-2024-33883",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-33883"
},
{
"name": "CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"name": "CVE-2024-45590",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45590"
},
{
"name": "CVE-2024-43796",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43796"
},
{
"name": "CVE-2024-4067",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-4067"
},
{
"name": "CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"name": "CVE-2024-48949",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48949"
},
{
"name": "CVE-2024-21538",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-21538"
},
{
"name": "CVE-2024-47764",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47764"
},
{
"name": "CVE-2024-48948",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-48948"
},
{
"name": "CVE-2024-45296",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45296"
},
{
"name": "CVE-2024-45801",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-45801"
},
{
"name": "CVE-2024-52798",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52798"
},
{
"name": "CVE-2024-47875",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47875"
},
{
"name": "CVE-2024-37890",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37890"
},
{
"name": "CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"name": "CVE-2024-43800",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43800"
},
{
"name": "CVE-2024-47068",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47068"
},
{
"name": "CVE-2024-20932",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20932"
},
{
"name": "CVE-2024-20918",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20918"
},
{
"name": "CVE-2024-42461",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-42461"
},
{
"name": "CVE-2024-20945",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20945"
},
{
"name": "CVE-2024-20952",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-20952"
}
],
"initial_release_date": "2025-01-17T00:00:00",
"last_revision_date": "2025-01-17T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0045",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits IBM. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits IBM",
"vendor_advisories": [
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180895",
"url": "https://www.ibm.com/support/pages/node/7180895"
},
{
"published_at": "2025-01-13",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180894",
"url": "https://www.ibm.com/support/pages/node/7180894"
},
{
"published_at": "2025-01-10",
"title": "Bulletin de s\u00e9curit\u00e9 IBM 7180725",
"url": "https://www.ibm.com/support/pages/node/7180725"
}
]
}
rhsa-2024_0866
Vulnerability from csaf_redhat
Published
2024-02-19 18:02
Modified
2024-11-15 17:43
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0866",
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0866.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2024-11-15T17:43:35+00:00",
"generator": {
"date": "2024-11-15T17:43:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0866",
"initial_release_date": "2024-02-19T18:02:02+00:00",
"revision_history": [
{
"date": "2024-02-19T18:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-19T18:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:43:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
rhsa-2024:0879
Vulnerability from csaf_redhat
Published
2024-02-20 08:59
Modified
2025-10-09 23:58
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0879",
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0879.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:58:29+00:00",
"generator": {
"date": "2025-10-09T23:58:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:0879",
"initial_release_date": "2024-02-20T08:59:42+00:00",
"revision_history": [
{
"date": "2024-02-20T08:59:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-20T08:59:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:58:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
rhsa-2024:0866
Vulnerability from csaf_redhat
Published
2024-02-19 18:02
Modified
2025-10-09 23:58
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0866",
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0866.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:58:29+00:00",
"generator": {
"date": "2025-10-09T23:58:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:0866",
"initial_release_date": "2024-02-19T18:02:02+00:00",
"revision_history": [
{
"date": "2024-02-19T18:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-19T18:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:58:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
RHSA-2024:0879
Vulnerability from csaf_redhat
Published
2024-02-20 08:59
Modified
2025-10-09 23:58
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0879",
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0879.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:58:29+00:00",
"generator": {
"date": "2025-10-09T23:58:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:0879",
"initial_release_date": "2024-02-20T08:59:42+00:00",
"revision_history": [
{
"date": "2024-02-20T08:59:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-20T08:59:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:58:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
rhsa-2024_0879
Vulnerability from csaf_redhat
Published
2024-02-20 08:59
Modified
2024-11-15 17:44
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0879",
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0879.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2024-11-15T17:44:08+00:00",
"generator": {
"date": "2024-11-15T17:44:08+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2024:0879",
"initial_release_date": "2024-02-20T08:59:42+00:00",
"revision_history": [
{
"date": "2024-02-20T08:59:42+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-20T08:59:42+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-15T17:44:08+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.9.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.9.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.9.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.9.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-20T08:59:42+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0879"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Client-7.9.Z-Client:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7ComputeNode-7.9.Z-ComputeNode:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Server-7.9.Z-Server:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-demo-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-devel-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1jpp.1.el7.x86_64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.ppc64le",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.s390x",
"7Workstation-7.9.Z-Workstation:java-1.8.0-ibm-src-1:1.8.0.8.15-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
RHSA-2024:0866
Vulnerability from csaf_redhat
Published
2024-02-19 18:02
Modified
2025-10-09 23:58
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR8-FP15.
Security Fix(es):
* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)
* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)
* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR8-FP15.\n\nSecurity Fix(es):\n\n* IBM JDK: Eclipse OpenJ9 JVM denial of service (CVE-2023-5676)\n\n* OpenJDK: IOR deserialization issue in CORBA (8303384) (CVE-2023-22067)\n\n* OpenJDK: certificate path validation issue during client authentication (8309966) (CVE-2023-22081)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2024:0866",
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2024/rhsa-2024_0866.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2025-10-09T23:58:29+00:00",
"generator": {
"date": "2025-10-09T23:58:29+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2024:0866",
"initial_release_date": "2024-02-19T18:02:02+00:00",
"revision_history": [
{
"date": "2024-02-19T18:02:02+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2024-02-19T18:02:02+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-09T23:58:29+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product": {
"name": "Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:enterprise_linux:8::supplementary"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-demo@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-headless@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-jdbc@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-plugin@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-src@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_id": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-webstart@1.8.0.8.15-1.el8_9?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 8)",
"product_id": "Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64",
"relates_to_product_reference": "Supplementary-8.9.0.Z.MAIN"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"cwe": {
"id": "CWE-364",
"name": "Signal Handler Race Condition"
},
"discovery_date": "2023-11-15T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2250255"
}
],
"notes": [
{
"category": "description",
"text": "Eclipse OpenJ9 is vulnerable to a denial of service, caused by a flaw when a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing. By sending a specially crafted request, a local authenticated attacker could exploit this vulnerability to cause an infinite busy hang on a spinlock or a segmentation fault.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: Eclipse OpenJ9 JVM denial of service",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "RHBZ#2250255",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2250255"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-5676",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-5676"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"category": "external",
"summary": "https://github.com/eclipse-openj9/openj9/pull/18085",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"category": "external",
"summary": "https://www.ibm.com/support/pages/apar/IJ49075",
"url": "https://www.ibm.com/support/pages/apar/IJ49075"
}
],
"release_date": "2023-11-15T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: Eclipse OpenJ9 JVM denial of service"
},
{
"cve": "CVE-2023-22067",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243637"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: IOR deserialization issue in CORBA (8303384)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "RHBZ#2243637",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243637"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22067",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22067"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22067"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: IOR deserialization issue in CORBA (8303384)"
},
{
"cve": "CVE-2023-22081",
"cwe": {
"id": "CWE-295",
"name": "Improper Certificate Validation"
},
"discovery_date": "2023-09-29T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2243627"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: certificate path validation issue during client authentication (8309966)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "RHBZ#2243627",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2243627"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2023-22081",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-22081"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-22081"
}
],
"release_date": "2023-10-17T20:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2024-02-19T18:02:02+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2024:0866"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-demo-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-devel-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-headless-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-jdbc-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-plugin-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.s390x",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-src-1:1.8.0.8.15-1.el8_9.x86_64",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.ppc64le",
"Supplementary-8.9.0.Z.MAIN:java-1.8.0-ibm-webstart-1:1.8.0.8.15-1.el8_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: certificate path validation issue during client authentication (8309966)"
}
]
}
WID-SEC-W-2024-0521
Vulnerability from csaf_certbund
Published
2024-02-29 23:00
Modified
2024-12-15 23:00
Summary
IBM MQ: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM MQ ist eine Message Oriented Middleware von IBM.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM MQ ist eine Message Oriented Middleware von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0521 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0521.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0521 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0521"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123135 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123135"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123136 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123136"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123137 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123137"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123138 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123138"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123139 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123139"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7126571 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7126571"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7129251 vom 2024-03-01",
"url": "https://www.ibm.com/support/pages/node/7129251"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7137570 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7137570"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7138007 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7138007"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
"url": "https://www.ibm.com/support/pages/node/7145367"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145780 vom 2024-04-03",
"url": "https://www.ibm.com/support/pages/node/7145780"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
"url": "https://www.ibm.com/support/pages/node/7146478"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7114770 vom 2024-05-01",
"url": "https://www.ibm.com/support/pages/node/7114770"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150144 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150144"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150158 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150158"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162189 vom 2024-08-01",
"url": "https://www.ibm.com/support/pages/node/7162189"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178670 vom 2024-12-13",
"url": "https://www.ibm.com/support/pages/node/7178670"
}
],
"source_lang": "en-US",
"title": "IBM MQ: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-15T23:00:00.000+00:00",
"generator": {
"date": "2024-12-16T09:17:31.864+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-0521",
"initial_release_date": "2024-02-29T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-29T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-03T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-04T23:00:00.000+00:00",
"number": "3",
"summary": "CVE-Zuordnung korrigiert"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-27T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-05T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537"
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842-fixed"
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.4",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.4",
"product_id": "T033810"
}
},
{
"category": "product_version",
"name": "10.5.4",
"product": {
"name": "IBM DataPower Gateway 10.5.4",
"product_id": "T033810-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.10",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.10",
"product_id": "T033811"
}
},
{
"category": "product_version",
"name": "10.5.0.10",
"product": {
"name": "IBM DataPower Gateway 10.5.0.10",
"product_id": "T033811-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.18",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.18",
"product_id": "T033812"
}
},
{
"category": "product_version",
"name": "10.0.1.18",
"product": {
"name": "IBM DataPower Gateway 10.0.1.18",
"product_id": "T033812-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.2",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.2",
"product_id": "T039840"
}
},
{
"category": "product_version",
"name": "10.6.2",
"product": {
"name": "IBM DataPower Gateway 10.6.2",
"product_id": "T039840-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.3",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.3",
"product_id": "T039841"
}
},
{
"category": "product_version",
"name": "10.6.0.3",
"product": {
"name": "IBM DataPower Gateway 10.6.0.3",
"product_id": "T039841-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.15",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.15",
"product_id": "T039842"
}
},
{
"category": "product_version",
"name": "10.5.0.15",
"product": {
"name": "IBM DataPower Gateway 10.5.0.15",
"product_id": "T039842-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.15"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332"
}
},
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332-fixed"
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1 LTS",
"product": {
"name": "IBM MQ 9.1 LTS",
"product_id": "T015789",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1_lts"
}
}
},
{
"category": "product_version",
"name": "9.0 LTS",
"product": {
"name": "IBM MQ 9.0 LTS",
"product_id": "T015792",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.0_lts"
}
}
},
{
"category": "product_version",
"name": "9.2 LTS",
"product": {
"name": "IBM MQ 9.2 LTS",
"product_id": "T018186",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 LTS",
"product": {
"name": "IBM MQ 9.3 LTS",
"product_id": "T024689",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 CD",
"product": {
"name": "IBM MQ 9.3 CD",
"product_id": "T024690",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_cd"
}
}
},
{
"category": "product_version",
"name": "Operator v3.1.0 CD",
"product": {
"name": "IBM MQ Operator v3.1.0 CD",
"product_id": "T033202",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v3.1.0__cd"
}
}
},
{
"category": "product_version",
"name": "Operator v2.0.19 LTS",
"product": {
"name": "IBM MQ Operator v2.0.19 LTS",
"product_id": "T033203",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.0.19_lts"
}
}
},
{
"category": "product_version",
"name": "Operator v2.4.8",
"product": {
"name": "IBM MQ Operator v2.4.8",
"product_id": "T033204",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.4.8"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "V10",
"product": {
"name": "IBM Power Hardware Management Console V10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP8",
"product_id": "T033681"
}
},
{
"category": "product_version",
"name": "7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP8",
"product_id": "T033681-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T002782",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storage Scale",
"product": {
"name": "IBM Storage Scale",
"product_id": "T019402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2001-1550",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2001-1550"
},
{
"cve": "CVE-2002-1711",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1711"
},
{
"cve": "CVE-2002-1713",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1713"
},
{
"cve": "CVE-2005-1941",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2005-1941"
},
{
"cve": "CVE-2020-28241",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2020-28241"
},
{
"cve": "CVE-2022-48468",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2022-48468"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-39615",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-39976",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39976"
},
{
"cve": "CVE-2023-4218",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-4218"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45287",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-45287"
},
{
"cve": "CVE-2023-49568",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-49568"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-5676",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2023-7104",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-7104"
},
{
"cve": "CVE-2024-0553",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-0553"
},
{
"cve": "CVE-2024-27255",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-27255"
},
{
"cve": "CVE-2023-26159",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-26159"
},
{
"cve": "CVE-2023-47745",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-47745"
},
{
"cve": "CVE-2024-25016",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-25016"
}
]
}
wid-sec-w-2024-0521
Vulnerability from csaf_certbund
Published
2024-02-29 23:00
Modified
2024-12-15 23:00
Summary
IBM MQ: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM MQ ist eine Message Oriented Middleware von IBM.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuführen, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Sonstiges
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM MQ ist eine Message Oriented Middleware von IBM.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in IBM MQ ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0521 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0521.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0521 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0521"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123135 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123135"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123136 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123136"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123137 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123137"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123138 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123138"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7123139 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7123139"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7126571 vom 2024-02-29",
"url": "https://www.ibm.com/support/pages/node/7126571"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7129251 vom 2024-03-01",
"url": "https://www.ibm.com/support/pages/node/7129251"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7137570 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7137570"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7138007 vom 2024-03-12",
"url": "https://www.ibm.com/support/pages/node/7138007"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145367 vom 2024-03-27",
"url": "https://www.ibm.com/support/pages/node/7145367"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7145780 vom 2024-04-03",
"url": "https://www.ibm.com/support/pages/node/7145780"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7146478 vom 2024-04-04",
"url": "https://www.ibm.com/support/pages/node/7146478"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7114770 vom 2024-05-01",
"url": "https://www.ibm.com/support/pages/node/7114770"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150144 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150144"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7150158 vom 2024-05-03",
"url": "https://www.ibm.com/support/pages/node/7150158"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7162189 vom 2024-08-01",
"url": "https://www.ibm.com/support/pages/node/7162189"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7178670 vom 2024-12-13",
"url": "https://www.ibm.com/support/pages/node/7178670"
}
],
"source_lang": "en-US",
"title": "IBM MQ: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-12-15T23:00:00.000+00:00",
"generator": {
"date": "2024-12-16T09:17:31.864+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.10"
}
},
"id": "WID-SEC-W-2024-0521",
"initial_release_date": "2024-02-29T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-02-29T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-03-03T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-04T23:00:00.000+00:00",
"number": "3",
"summary": "CVE-Zuordnung korrigiert"
},
{
"date": "2024-03-11T23:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-12T23:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-03-27T23:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2024-04-04T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-01T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-02T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-05-05T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-08-01T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2024-12-15T23:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
}
],
"status": "final",
"version": "13"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537"
}
},
{
"category": "product_version_range",
"name": "\u003c=11.0.0.25",
"product": {
"name": "IBM App Connect Enterprise \u003c=11.0.0.25",
"product_id": "T033537-fixed"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842"
}
},
{
"category": "product_version_range",
"name": "\u003c=12.0.11.3",
"product": {
"name": "IBM App Connect Enterprise \u003c=12.0.11.3",
"product_id": "T033842-fixed"
}
}
],
"category": "product_name",
"name": "App Connect Enterprise"
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T019704",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
},
{
"category": "product_name",
"name": "IBM DB2",
"product": {
"name": "IBM DB2",
"product_id": "5104",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:db2:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.5.4",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.4",
"product_id": "T033810"
}
},
{
"category": "product_version",
"name": "10.5.4",
"product": {
"name": "IBM DataPower Gateway 10.5.4",
"product_id": "T033810-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.4"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.10",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.10",
"product_id": "T033811"
}
},
{
"category": "product_version",
"name": "10.5.0.10",
"product": {
"name": "IBM DataPower Gateway 10.5.0.10",
"product_id": "T033811-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.10"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.0.1.18",
"product": {
"name": "IBM DataPower Gateway \u003c10.0.1.18",
"product_id": "T033812"
}
},
{
"category": "product_version",
"name": "10.0.1.18",
"product": {
"name": "IBM DataPower Gateway 10.0.1.18",
"product_id": "T033812-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.0.1.18"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.2",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.2",
"product_id": "T039840"
}
},
{
"category": "product_version",
"name": "10.6.2",
"product": {
"name": "IBM DataPower Gateway 10.6.2",
"product_id": "T039840-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.2"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.3",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.3",
"product_id": "T039841"
}
},
{
"category": "product_version",
"name": "10.6.0.3",
"product": {
"name": "IBM DataPower Gateway 10.6.0.3",
"product_id": "T039841-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.15",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.15",
"product_id": "T039842"
}
},
{
"category": "product_version",
"name": "10.5.0.15",
"product": {
"name": "IBM DataPower Gateway 10.5.0.15",
"product_id": "T039842-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.15"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"category": "product_name",
"name": "IBM FlashSystem",
"product": {
"name": "IBM FlashSystem",
"product_id": "T025159",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:flashsystem:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332"
}
},
{
"category": "product_version_range",
"name": "\u003c=10.1.0.3",
"product": {
"name": "IBM Integration Bus \u003c=10.1.0.3",
"product_id": "T033332-fixed"
}
}
],
"category": "product_name",
"name": "Integration Bus"
},
{
"branches": [
{
"category": "product_version",
"name": "9.1 LTS",
"product": {
"name": "IBM MQ 9.1 LTS",
"product_id": "T015789",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1_lts"
}
}
},
{
"category": "product_version",
"name": "9.0 LTS",
"product": {
"name": "IBM MQ 9.0 LTS",
"product_id": "T015792",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.0_lts"
}
}
},
{
"category": "product_version",
"name": "9.2 LTS",
"product": {
"name": "IBM MQ 9.2 LTS",
"product_id": "T018186",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 LTS",
"product": {
"name": "IBM MQ 9.3 LTS",
"product_id": "T024689",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_lts"
}
}
},
{
"category": "product_version",
"name": "9.3 CD",
"product": {
"name": "IBM MQ 9.3 CD",
"product_id": "T024690",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3_cd"
}
}
},
{
"category": "product_version",
"name": "Operator v3.1.0 CD",
"product": {
"name": "IBM MQ Operator v3.1.0 CD",
"product_id": "T033202",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v3.1.0__cd"
}
}
},
{
"category": "product_version",
"name": "Operator v2.0.19 LTS",
"product": {
"name": "IBM MQ Operator v2.0.19 LTS",
"product_id": "T033203",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.0.19_lts"
}
}
},
{
"category": "product_version",
"name": "Operator v2.4.8",
"product": {
"name": "IBM MQ Operator v2.4.8",
"product_id": "T033204",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator_v2.4.8"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"branches": [
{
"category": "product_version",
"name": "V10",
"product": {
"name": "IBM Power Hardware Management Console V10",
"product_id": "T023373",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:hardware_management_console:v10"
}
}
}
],
"category": "product_name",
"name": "Power Hardware Management Console"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM \u003c7.5.0 UP8",
"product_id": "T033681"
}
},
{
"category": "product_version",
"name": "7.5.0 UP8",
"product": {
"name": "IBM QRadar SIEM 7.5.0 UP8",
"product_id": "T033681-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:7.5.0_up8"
}
}
}
],
"category": "product_name",
"name": "QRadar SIEM"
},
{
"category": "product_name",
"name": "IBM SAN Volume Controller",
"product": {
"name": "IBM SAN Volume Controller",
"product_id": "T002782",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:san_volume_controller:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storage Scale",
"product": {
"name": "IBM Storage Scale",
"product_id": "T019402",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spectrum_scale:-"
}
}
},
{
"category": "product_name",
"name": "IBM Storwize",
"product": {
"name": "IBM Storwize",
"product_id": "T021621",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:storwize:-"
}
}
}
],
"category": "vendor",
"name": "IBM"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2001-1550",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2001-1550"
},
{
"cve": "CVE-2002-1711",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1711"
},
{
"cve": "CVE-2002-1713",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2002-1713"
},
{
"cve": "CVE-2005-1941",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2005-1941"
},
{
"cve": "CVE-2020-28241",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2020-28241"
},
{
"cve": "CVE-2022-48468",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2022-48468"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-39615",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39615"
},
{
"cve": "CVE-2023-39976",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-39976"
},
{
"cve": "CVE-2023-4218",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-4218"
},
{
"cve": "CVE-2023-44487",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-44487"
},
{
"cve": "CVE-2023-45287",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-45287"
},
{
"cve": "CVE-2023-49568",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-49568"
},
{
"cve": "CVE-2023-5072",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5072"
},
{
"cve": "CVE-2023-5676",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2023-7104",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-7104"
},
{
"cve": "CVE-2024-0553",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-0553"
},
{
"cve": "CVE-2024-27255",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten, unter anderem \"Eclipse\", \"libqb\", \"BasiliX\", \"Libxml2\" oder \"JavaSE\". Ein entfernter, anonymer Angreifer kann diese Schwachstelle ausnutzen, um beliebigen Programmcode auszuf\u00fchren, Informationen offenzulegen oder einen Denial of Service Zustand herbeizuf\u00fchren."
}
],
"product_status": {
"known_affected": [
"T033810",
"T033811",
"T015789",
"T033537",
"T033812",
"T018186",
"T033332",
"T024689",
"T025159",
"T023373",
"T033204",
"T033842",
"T024690",
"T033202",
"T002782",
"T033203",
"T033681",
"T039842",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T019704",
"5104"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-27255"
},
{
"cve": "CVE-2023-26159",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-26159"
},
{
"cve": "CVE-2023-47745",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2023-47745"
},
{
"cve": "CVE-2024-25016",
"notes": [
{
"category": "description",
"text": "In IBM MQ existieren mehrere Schwachstellen. Diese bestehen in der Kernkomponente von MQ und sind auf Fehler im Bezug auf Buffer, Absicherung von Passw\u00f6rtern und Open Redirects zur\u00fcckzuf\u00fchren. Ein entfernter, anonymer Angreifer kann diese Schwachstellen ausnutzen, um einen Denial of Service Zustand herbeizuf\u00fchren oder Informationen offenzulegen."
}
],
"product_status": {
"known_affected": [
"T033842",
"T033810",
"T024690",
"T002782",
"T033811",
"T015789",
"T033537",
"T033812",
"T033681",
"T039842",
"T018186",
"T033332",
"T039841",
"T015792",
"T032495",
"T039840",
"T021621",
"T019402",
"T024689",
"T019704",
"5104",
"T025159",
"T023373"
]
},
"release_date": "2024-02-29T23:00:00.000+00:00",
"title": "CVE-2024-25016"
}
]
}
wid-sec-w-2024-0769
Vulnerability from csaf_certbund
Published
2024-04-02 22:00
Modified
2024-11-07 23:00
Summary
IBM Rational Build Forge: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0769 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0769.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0769 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0769"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-04-02",
"url": "https://www.ibm.com/support/pages/node/7145704"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3949-1 vom 2024-11-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019796.html"
}
],
"source_lang": "en-US",
"title": "IBM Rational Build Forge: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-07T23:00:00.000+00:00",
"generator": {
"date": "2024-11-08T11:11:40.811+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-0769",
"initial_release_date": "2024-04-02T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.26",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.26",
"product_id": "T033838"
}
},
{
"category": "product_version",
"name": "8.0.0.26",
"product": {
"name": "IBM Rational Build Forge 8.0.0.26",
"product_id": "T033838-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.26"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22067",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-31122",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-33850",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-33850"
},
{
"cve": "CVE-2023-43622",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-43622"
},
{
"cve": "CVE-2023-45802",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-45802"
},
{
"cve": "CVE-2023-46589",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-5676",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2023-5678",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-6129",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-6237",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6237"
},
{
"cve": "CVE-2023-6710",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6710"
},
{
"cve": "CVE-2024-0727",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20945",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-21733",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-21733"
},
{
"cve": "CVE-2024-23672",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-24549"
}
]
}
WID-SEC-W-2024-0769
Vulnerability from csaf_certbund
Published
2024-04-02 22:00
Modified
2024-11-07 23:00
Summary
IBM Rational Build Forge: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuführen.
Betroffene Betriebssysteme
- Linux
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "IBM Rational Build Forge ist ein Framework zur Automatisierung und Standardisierung des Softwareerstellungsprozesses",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in IBM Rational Build Forge ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0769 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0769.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0769 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0769"
},
{
"category": "external",
"summary": "IBM Security Bulletin vom 2024-04-02",
"url": "https://www.ibm.com/support/pages/node/7145704"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2024:3949-1 vom 2024-11-08",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2024-November/019796.html"
}
],
"source_lang": "en-US",
"title": "IBM Rational Build Forge: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2024-11-07T23:00:00.000+00:00",
"generator": {
"date": "2024-11-08T11:11:40.811+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.8"
}
},
"id": "WID-SEC-W-2024-0769",
"initial_release_date": "2024-04-02T22:00:00.000+00:00",
"revision_history": [
{
"date": "2024-04-02T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2024-11-07T23:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von SUSE aufgenommen"
}
],
"status": "final",
"version": "2"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.0.26",
"product": {
"name": "IBM Rational Build Forge \u003c8.0.0.26",
"product_id": "T033838"
}
},
{
"category": "product_version",
"name": "8.0.0.26",
"product": {
"name": "IBM Rational Build Forge 8.0.0.26",
"product_id": "T033838-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_build_forge:8.0.0.26"
}
}
}
],
"category": "product_name",
"name": "Rational Build Forge"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22067",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-31122",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-31122"
},
{
"cve": "CVE-2023-33850",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-33850"
},
{
"cve": "CVE-2023-43622",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-43622"
},
{
"cve": "CVE-2023-45802",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-45802"
},
{
"cve": "CVE-2023-46589",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-46589"
},
{
"cve": "CVE-2023-5676",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2023-5678",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-5678"
},
{
"cve": "CVE-2023-6129",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6129"
},
{
"cve": "CVE-2023-6237",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6237"
},
{
"cve": "CVE-2023-6710",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2023-6710"
},
{
"cve": "CVE-2024-0727",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-0727"
},
{
"cve": "CVE-2024-20918",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20945",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-21733",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-21733"
},
{
"cve": "CVE-2024-23672",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-23672"
},
{
"cve": "CVE-2024-24549",
"notes": [
{
"category": "description",
"text": "In IBM Rational Build Forge existieren mehrere Schwachstellen. Diese bestehen in verschiedenen Komponenten von Drittanbietern, u.a. Oracle Java SE, Apache HTTP Server, OpenSSL und Apache Tomcat. Ein Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuf\u00fchren, einen Cross-Site-Scripting-Angriff durchzuf\u00fchren, Informationen offenzulegen, Dateien zu manipulieren oder einen Denial of Service Zustand herbeizuf\u00fchren. Zur Ausnutzung einiger dieser Schwachstellen ist eine Nutzeraktion oder bestimmte Berechtigungen erforderlich."
}
],
"product_status": {
"known_affected": [
"T002207",
"T033838"
]
},
"release_date": "2024-04-02T22:00:00.000+00:00",
"title": "CVE-2024-24549"
}
]
}
suse-su-2024:0479-1
Vulnerability from csaf_suse
Published
2024-02-15 08:11
Modified
2024-02-15 08:11
Summary
Security update for java-1_8_0-openj9
Notes
Title of the patch
Security update for java-1_8_0-openj9
Description of the patch
This update for java-1_8_0-openj9 fixes the following issues:
Update to OpenJDK 8u402 build 06 with OpenJ9 0.43.0 virtual machine
* Including OpenJ9 0.41.0 fixes of CVE-2023-5676, bsc#1217214
* CVE-2024-20918 (bsc#1218907), CVE-2024-20919 (bsc#1218903),
CVE-2024-20921 (bsc#1218905), CVE-2024-20926 (bsc#1218906),
CVE-2024-20945 (bsc#1218909), CVE-2024-20952 (bsc#1218911)
Patchnames
SUSE-2024-479,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-479,openSUSE-SLE-15.5-2024-479
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-openj9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-openj9 fixes the following issues:\n\nUpdate to OpenJDK 8u402 build 06 with OpenJ9 0.43.0 virtual machine\n\n* Including OpenJ9 0.41.0 fixes of CVE-2023-5676, bsc#1217214\n* CVE-2024-20918 (bsc#1218907), CVE-2024-20919 (bsc#1218903),\n CVE-2024-20921 (bsc#1218905), CVE-2024-20926 (bsc#1218906),\n CVE-2024-20945 (bsc#1218909), CVE-2024-20952 (bsc#1218911)\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2024-479,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2024-479,openSUSE-SLE-15.5-2024-479",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2024_0479-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2024:0479-1",
"url": "https://www.suse.com/support/update/announcement/2024/suse-su-20240479-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2024:0479-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2024-February/034224.html"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE Bug 1218903",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "self",
"summary": "SUSE Bug 1218905",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "self",
"summary": "SUSE Bug 1218906",
"url": "https://bugzilla.suse.com/1218906"
},
{
"category": "self",
"summary": "SUSE Bug 1218907",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "self",
"summary": "SUSE Bug 1218909",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "self",
"summary": "SUSE Bug 1218911",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20952/"
}
],
"title": "Security update for java-1_8_0-openj9",
"tracking": {
"current_release_date": "2024-02-15T08:11:03Z",
"generator": {
"date": "2024-02-15T08:11:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2024:0479-1",
"initial_release_date": "2024-02-15T08:11:03Z",
"revision_history": [
{
"date": "2024-02-15T08:11:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"product_id": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"product_id": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"product_id": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64",
"product_id": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2024-20918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20918"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20918",
"url": "https://www.suse.com/security/cve/CVE-2024-20918"
},
{
"category": "external",
"summary": "SUSE Bug 1218907 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "important"
}
],
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20919"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20919",
"url": "https://www.suse.com/security/cve/CVE-2024-20919"
},
{
"category": "external",
"summary": "SUSE Bug 1218903 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20921"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20921",
"url": "https://www.suse.com/security/cve/CVE-2024-20921"
},
{
"category": "external",
"summary": "SUSE Bug 1218905 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20926"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20926",
"url": "https://www.suse.com/security/cve/CVE-2024-20926"
},
{
"category": "external",
"summary": "SUSE Bug 1218906 for CVE-2024-20926",
"url": "https://bugzilla.suse.com/1218906"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20926",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20945"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20945",
"url": "https://www.suse.com/security/cve/CVE-2024-20945"
},
{
"category": "external",
"summary": "SUSE Bug 1218909 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "moderate"
}
],
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20952"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20952",
"url": "https://www.suse.com/security/cve/CVE-2024-20952"
},
{
"category": "external",
"summary": "SUSE Bug 1218911 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.402-150200.3.42.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.402-150200.3.42.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.402-150200.3.42.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-02-15T08:11:03Z",
"details": "important"
}
],
"title": "CVE-2024-20952"
}
]
}
suse-su-2023:4572-1
Vulnerability from csaf_suse
Published
2023-11-27 08:26
Modified
2023-11-27 08:26
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
- Update to Java 8.0 Service Refresh 8 Fix Pack 15:
* Oracle October 17 2023 CPU [bsc#1216640]
Security fixes:
- CVE-2023-22081: Fixed enhanced TLS connections (bsc#1216374)
- CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379)
- CVE-2023-22025: Fixed memory corruption issue on x86_64 with AVX-512 (bsc#1216339)
- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214)
Bug fixes:
- IBM Java idlj compiler switch definition because IBM java idlj seems to confuse char and wchar for typedef types (bsc#1204264).
Patchnames
SUSE-2023-4572,SUSE-SLE-Module-Legacy-15-SP4-2023-4572,SUSE-SLE-Module-Legacy-15-SP5-2023-4572,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4572,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4572,SUSE-Storage-7.1-2023-4572,openSUSE-SLE-15.4-2023-4572,openSUSE-SLE-15.5-2023-4572
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm fixes the following issues:\n\n- Update to Java 8.0 Service Refresh 8 Fix Pack 15:\n * Oracle October 17 2023 CPU [bsc#1216640]\n\nSecurity fixes:\n\n- CVE-2023-22081: Fixed enhanced TLS connections (bsc#1216374)\n- CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379)\n- CVE-2023-22025: Fixed memory corruption issue on x86_64 with AVX-512 (bsc#1216339)\n- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214)\n\nBug fixes:\n\n- IBM Java idlj compiler switch definition because IBM java idlj seems to confuse char and wchar for typedef types (bsc#1204264).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4572,SUSE-SLE-Module-Legacy-15-SP4-2023-4572,SUSE-SLE-Module-Legacy-15-SP5-2023-4572,SUSE-SLE-Product-HPC-15-SP3-ESPOS-2023-4572,SUSE-SLE-Product-HPC-15-SP3-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP1-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP2-LTSS-2023-4572,SUSE-SLE-Product-SLES-15-SP3-LTSS-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP1-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP2-2023-4572,SUSE-SLE-Product-SLES_SAP-15-SP3-2023-4572,SUSE-Storage-7.1-2023-4572,openSUSE-SLE-15.4-2023-4572,openSUSE-SLE-15.5-2023-4572",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4572-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4572-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234572-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4572-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017234.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204264",
"url": "https://bugzilla.suse.com/1204264"
},
{
"category": "self",
"summary": "SUSE Bug 1216339",
"url": "https://bugzilla.suse.com/1216339"
},
{
"category": "self",
"summary": "SUSE Bug 1216374",
"url": "https://bugzilla.suse.com/1216374"
},
{
"category": "self",
"summary": "SUSE Bug 1216379",
"url": "https://bugzilla.suse.com/1216379"
},
{
"category": "self",
"summary": "SUSE Bug 1216640",
"url": "https://bugzilla.suse.com/1216640"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22067 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2023-11-27T08:26:53Z",
"generator": {
"date": "2023-11-27T08:26:53Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4572-1",
"initial_release_date": "2023-11-27T08:26:53Z",
"revision_history": [
{
"date": "2023-11-27T08:26:53Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp4"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-module-legacy:15:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-espos:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle_hpc-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product": {
"name": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles-ltss:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp1"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp2"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:15:sp3"
}
}
},
{
"category": "product_name",
"name": "SUSE Enterprise Storage 7.1",
"product": {
"name": "SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1",
"product_identification_helper": {
"cpe": "cpe:/o:suse:ses:7.1"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP4",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Legacy 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP1-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP2-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP3-LTSS",
"product_id": "SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 15 SP3-LTSS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP2"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP3",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 15 SP3"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of SUSE Enterprise Storage 7.1",
"product_id": "SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "SUSE Enterprise Storage 7.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22025"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22025",
"url": "https://www.suse.com/security/cve/CVE-2023-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1216339 for CVE-2023-22025",
"url": "https://bugzilla.suse.com/1216339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-27T08:26:53Z",
"details": "low"
}
],
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22067"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22067",
"url": "https://www.suse.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "SUSE Bug 1216379 for CVE-2023-22067",
"url": "https://bugzilla.suse.com/1216379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-27T08:26:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-27T08:26:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Enterprise Storage 7.1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Module for Legacy 15 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server 15 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-demo-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-150000.3.83.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-ibm-src-1.8.0_sr8.15-150000.3.83.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-27T08:26:53Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
suse-su-2023:4612-1
Vulnerability from csaf_suse
Published
2023-11-29 13:50
Modified
2023-11-29 13:50
Summary
Security update for java-1_8_0-openj9
Notes
Title of the patch
Security update for java-1_8_0-openj9
Description of the patch
This update for java-1_8_0-openj9 fixes the following issues:
Update to OpenJDK 8u392 build 08 with OpenJ9 0.41.0 virtual machine
- CVE-2023-22067: Fixed an IOR deserialization issue in CORBA (bsc#1216379).
- CVE-2023-22081: Fixed a certificate path validation issue during client authentication (bsc#1216374).
- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214).
Patchnames
SUSE-2023-4612,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4612,openSUSE-SLE-15.4-2023-4612,openSUSE-SLE-15.5-2023-4612
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-openj9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-openj9 fixes the following issues:\n\nUpdate to OpenJDK 8u392 build 08 with OpenJ9 0.41.0 virtual machine\n\n- CVE-2023-22067: Fixed an IOR deserialization issue in CORBA (bsc#1216379).\n- CVE-2023-22081: Fixed a certificate path validation issue during client authentication (bsc#1216374).\n- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4612,SUSE-SLE-Module-Packagehub-Subpackages-15-SP5-2023-4612,openSUSE-SLE-15.4-2023-4612,openSUSE-SLE-15.5-2023-4612",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4612-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4612-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234612-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4612-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017260.html"
},
{
"category": "self",
"summary": "SUSE Bug 1216374",
"url": "https://bugzilla.suse.com/1216374"
},
{
"category": "self",
"summary": "SUSE Bug 1216379",
"url": "https://bugzilla.suse.com/1216379"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22067 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "Security update for java-1_8_0-openj9",
"tracking": {
"current_release_date": "2023-11-29T13:50:48Z",
"generator": {
"date": "2023-11-29T13:50:48Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4612-1",
"initial_release_date": "2023-11-29T13:50:48Z",
"revision_history": [
{
"date": "2023-11-29T13:50:48Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:packagehub:15:sp5"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.4"
}
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x as component of SUSE Linux Enterprise Module for Package Hub 15 SP5",
"product_id": "SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Module for Package Hub 15 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.4",
"product_id": "openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.4"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64 as component of openSUSE Leap 15.5",
"product_id": "openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22067"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22067",
"url": "https://www.suse.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "SUSE Bug 1216379 for CVE-2023-22067",
"url": "https://bugzilla.suse.com/1216379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T13:50:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T13:50:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"SUSE Linux Enterprise Module for Package Hub 15 SP5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.4:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.4:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-accessibility-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-demo-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-devel-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-headless-1.8.0.392-150200.3.39.1.x86_64",
"openSUSE Leap 15.5:java-1_8_0-openj9-javadoc-1.8.0.392-150200.3.39.1.noarch",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.aarch64",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.ppc64le",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.s390x",
"openSUSE Leap 15.5:java-1_8_0-openj9-src-1.8.0.392-150200.3.39.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T13:50:48Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
suse-su-2023:4614-1
Vulnerability from csaf_suse
Published
2023-11-29 14:48
Modified
2023-11-29 14:48
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
- Update to Java 8.0 Service Refresh 8 Fix Pack 15:
* Oracle October 17 2023 CPU [bsc#1216640]
Security fixes:
- CVE-2023-22081: Fixed enhanced TLS connections (bsc#1216374)
- CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379)
- CVE-2023-22025: Fixed memory corruption issue on x86_64 with AVX-512 (bsc#1216339)
- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214)
Bug fixes:
- IBM Java idlj compiler switch definition because IBM java idlj seems to confuse char and wchar for typedef types (bsc#1204264).
Patchnames
SUSE-2023-4614,SUSE-SLE-SDK-12-SP5-2023-4614,SUSE-SLE-SERVER-12-SP5-2023-4614
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-1_8_0-ibm",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-1_8_0-ibm fixes the following issues:\n\n- Update to Java 8.0 Service Refresh 8 Fix Pack 15:\n * Oracle October 17 2023 CPU [bsc#1216640]\n\nSecurity fixes:\n\n- CVE-2023-22081: Fixed enhanced TLS connections (bsc#1216374)\n- CVE-2023-22067: Fixed IOR deserialization issue in CORBA (bsc#1216379)\n- CVE-2023-22025: Fixed memory corruption issue on x86_64 with AVX-512 (bsc#1216339)\n- CVE-2023-5676: Fixed receiving a signal before initialization may lead to an infinite loop or unexpected crash (bsc#1217214)\n\nBug fixes:\n\n- IBM Java idlj compiler switch definition because IBM java idlj seems to confuse char and wchar for typedef types (bsc#1204264).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-2023-4614,SUSE-SLE-SDK-12-SP5-2023-4614,SUSE-SLE-SERVER-12-SP5-2023-4614",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_4614-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2023:4614-1",
"url": "https://www.suse.com/support/update/announcement/2023/suse-su-20234614-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2023:4614-1",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2023-November/017258.html"
},
{
"category": "self",
"summary": "SUSE Bug 1204264",
"url": "https://bugzilla.suse.com/1204264"
},
{
"category": "self",
"summary": "SUSE Bug 1216339",
"url": "https://bugzilla.suse.com/1216339"
},
{
"category": "self",
"summary": "SUSE Bug 1216374",
"url": "https://bugzilla.suse.com/1216374"
},
{
"category": "self",
"summary": "SUSE Bug 1216379",
"url": "https://bugzilla.suse.com/1216379"
},
{
"category": "self",
"summary": "SUSE Bug 1216640",
"url": "https://bugzilla.suse.com/1216640"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22067 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "Security update for java-1_8_0-ibm",
"tracking": {
"current_release_date": "2023-11-29T14:48:45Z",
"generator": {
"date": "2023-11-29T14:48:45Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2023:4614-1",
"initial_release_date": "2023-11-29T14:48:45Z",
"revision_history": [
{
"date": "2023-11-29T14:48:45Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.i586"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.i586",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.i586",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.i586"
}
}
],
"category": "architecture",
"name": "i586"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.ppc64le",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.ppc64le",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.ppc64le",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390"
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390x",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390x",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-32bit-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-demo-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-devel-32bit-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.x86_64",
"product": {
"name": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.x86_64",
"product_id": "java-1_8_0-ibm-src-1.8.0_sr8.15-30.117.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sle-sdk:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles:12:sp5"
}
}
},
{
"category": "product_name",
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product": {
"name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sles_sap:12:sp5"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5",
"product_id": "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Software Development Kit 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
"product_id": "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
"product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64"
},
"product_reference": "java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22025"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u381-perf, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 21.3.7 and 22.3.3. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition,. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22025",
"url": "https://www.suse.com/security/cve/CVE-2023-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1216339 for CVE-2023-22025",
"url": "https://bugzilla.suse.com/1216339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T14:48:45Z",
"details": "low"
}
],
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22067"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: CORBA). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf; Oracle GraalVM Enterprise Edition: 20.3.11 and 21.3.7. Easily exploitable vulnerability allows unauthenticated attacker with network access via CORBA to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22067",
"url": "https://www.suse.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "SUSE Bug 1216379 for CVE-2023-22067",
"url": "https://bugzilla.suse.com/1216379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T14:48:45Z",
"details": "moderate"
}
],
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T14:48:45Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr8.15-30.117.1.x86_64",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.ppc64le",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.s390x",
"SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr8.15-30.117.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2023-11-29T14:48:45Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
opensuse-su-2024:13456-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
java-17-openj9-17.0.9.0-1.1 on GA media
Notes
Title of the patch
java-17-openj9-17.0.9.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the java-17-openj9-17.0.9.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13456
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-17-openj9-17.0.9.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-17-openj9-17.0.9.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13456",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13456-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "java-17-openj9-17.0.9.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13456-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-demo-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-devel-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-headless-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-javadoc-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-jmods-17.0.9.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.9.0-1.1.aarch64",
"product": {
"name": "java-17-openj9-src-17.0.9.0-1.1.aarch64",
"product_id": "java-17-openj9-src-17.0.9.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-demo-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-devel-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-headless-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-jmods-17.0.9.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"product": {
"name": "java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"product_id": "java-17-openj9-src-17.0.9.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-demo-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-devel-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-headless-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-javadoc-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-jmods-17.0.9.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.9.0-1.1.s390x",
"product": {
"name": "java-17-openj9-src-17.0.9.0-1.1.s390x",
"product_id": "java-17-openj9-src-17.0.9.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-demo-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-devel-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-headless-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-javadoc-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-jmods-17.0.9.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.9.0-1.1.x86_64",
"product": {
"name": "java-17-openj9-src-17.0.9.0-1.1.x86_64",
"product_id": "java-17-openj9-src-17.0.9.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-demo-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-devel-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-headless-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.9.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64"
},
"product_reference": "java-17-openj9-src-17.0.9.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.9.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le"
},
"product_reference": "java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.9.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x"
},
"product_reference": "java-17-openj9-src-17.0.9.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.9.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
},
"product_reference": "java-17-openj9-src-17.0.9.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22025"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22025",
"url": "https://www.suse.com/security/cve/CVE-2023-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1216339 for CVE-2023-22025",
"url": "https://bugzilla.suse.com/1216339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-demo-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-devel-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-headless-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-javadoc-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-jmods-17.0.9.0-1.1.x86_64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.aarch64",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.s390x",
"openSUSE Tumbleweed:java-17-openj9-src-17.0.9.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
opensuse-su-2024:13457-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
java-1_8_0-openj9-1.8.0.392-1.1 on GA media
Notes
Title of the patch
java-1_8_0-openj9-1.8.0.392-1.1 on GA media
Description of the patch
These are all security issues fixed in the java-1_8_0-openj9-1.8.0.392-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13457
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-1_8_0-openj9-1.8.0.392-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-1_8_0-openj9-1.8.0.392-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13457",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13457-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22067 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22067/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "java-1_8_0-openj9-1.8.0.392-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13457-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64",
"product": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64",
"product_id": "java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
},
"product_reference": "java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22067",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22067"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22067",
"url": "https://www.suse.com/security/cve/CVE-2023-22067"
},
{
"category": "external",
"summary": "SUSE Bug 1216379 for CVE-2023-22067",
"url": "https://bugzilla.suse.com/1216379"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-22067"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-accessibility-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-demo-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-devel-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-headless-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-javadoc-1.8.0.392-1.1.x86_64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.aarch64",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.ppc64le",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.s390x",
"openSUSE Tumbleweed:java-1_8_0-openj9-src-1.8.0.392-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
opensuse-su-2024:13455-1
Vulnerability from csaf_opensuse
Published
2024-06-15 00:00
Modified
2024-06-15 00:00
Summary
java-11-openj9-11.0.21.0-1.1 on GA media
Notes
Title of the patch
java-11-openj9-11.0.21.0-1.1 on GA media
Description of the patch
These are all security issues fixed in the java-11-openj9-11.0.21.0-1.1 package on the GA media of openSUSE Tumbleweed.
Patchnames
openSUSE-Tumbleweed-2024-13455
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "java-11-openj9-11.0.21.0-1.1 on GA media",
"title": "Title of the patch"
},
{
"category": "description",
"text": "These are all security issues fixed in the java-11-openj9-11.0.21.0-1.1 package on the GA media of openSUSE Tumbleweed.",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-Tumbleweed-2024-13455",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2024_13455-1.json"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
}
],
"title": "java-11-openj9-11.0.21.0-1.1 on GA media",
"tracking": {
"current_release_date": "2024-06-15T00:00:00Z",
"generator": {
"date": "2024-06-15T00:00:00Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2024:13455-1",
"initial_release_date": "2024-06-15T00:00:00Z",
"revision_history": [
{
"date": "2024-06-15T00:00:00Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-demo-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-devel-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-headless-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-javadoc-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-jmods-11.0.21.0-1.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.21.0-1.1.aarch64",
"product": {
"name": "java-11-openj9-src-11.0.21.0-1.1.aarch64",
"product_id": "java-11-openj9-src-11.0.21.0-1.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-demo-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-devel-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-headless-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-jmods-11.0.21.0-1.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"product": {
"name": "java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"product_id": "java-11-openj9-src-11.0.21.0-1.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-demo-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-devel-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-headless-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-javadoc-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-jmods-11.0.21.0-1.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.21.0-1.1.s390x",
"product": {
"name": "java-11-openj9-src-11.0.21.0-1.1.s390x",
"product_id": "java-11-openj9-src-11.0.21.0-1.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-demo-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-devel-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-headless-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-javadoc-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-jmods-11.0.21.0-1.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.21.0-1.1.x86_64",
"product": {
"name": "java-11-openj9-src-11.0.21.0-1.1.x86_64",
"product_id": "java-11-openj9-src-11.0.21.0-1.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "openSUSE Tumbleweed",
"product": {
"name": "openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:tumbleweed"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-demo-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-devel-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-headless-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.21.0-1.1.aarch64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64"
},
"product_reference": "java-11-openj9-src-11.0.21.0-1.1.aarch64",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.21.0-1.1.ppc64le as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le"
},
"product_reference": "java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.21.0-1.1.s390x as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x"
},
"product_reference": "java-11-openj9-src-11.0.21.0-1.1.s390x",
"relates_to_product_reference": "openSUSE Tumbleweed"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.21.0-1.1.x86_64 as component of openSUSE Tumbleweed",
"product_id": "openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
},
"product_reference": "java-11-openj9-src-11.0.21.0-1.1.x86_64",
"relates_to_product_reference": "openSUSE Tumbleweed"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-demo-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-devel-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-headless-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-javadoc-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-jmods-11.0.21.0-1.1.x86_64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.aarch64",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.ppc64le",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.s390x",
"openSUSE Tumbleweed:java-11-openj9-src-11.0.21.0-1.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2024-06-15T00:00:00Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
}
]
}
opensuse-su-2025:0067-1
Vulnerability from csaf_opensuse
Published
2025-02-19 22:53
Modified
2025-02-19 22:53
Summary
Security update for java-17-openj9
Notes
Title of the patch
Security update for java-17-openj9
Description of the patch
This update for java-17-openj9 fixes the following issues:
- Update to OpenJDK 17.0.14 with OpenJ9 0.49.0 virtual machine
- Including Oracle October 2024 and January 2025 CPU changes
* CVE-2024-21208 (boo#1231702), CVE-2024-21210 (boo#1231711),
CVE-2024-21217 (boo#1231716), CVE-2024-21235 (boo#1231719),
CVE-2025-21502 (boo#1236278)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.49/
- Update to OpenJDK 17.0.12 with OpenJ9 0.46.0 virtual machine
- Including Oracle July 2024 CPU changes
* CVE-2024-21131 (boo#1228046), CVE-2024-21138 (boo#1228047),
CVE-2024-21140 (boo#1228048), CVE-2024-21147 (boo#1228052),
CVE-2024-21145 (boo#1228051)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.46/
- Update to OpenJDK 17.0.11 with OpenJ9 0.44.0 virtual machine
- Including Oracle April 2024 CPU changes
* CVE-2024-21012 (boo#1222987), CVE-2024-21094 (boo#1222986),
CVE-2024-21011 (boo#1222979), CVE-2024-21068 (boo#1222983)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.44/
- Update to OpenJDK 17.0.10 with OpenJ9 0.43.0 virtual machine
- Including Oracle January 2024 CPU changes
* CVE-2024-20918 (boo#1218907), CVE-2024-20919 (boo#1218903),
CVE-2024-20921 (boo#1218905), CVE-2024-20932 (boo#1218908),
CVE-2024-20945 (boo#1218909), CVE-2024-20952 (boo#1218911)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.43/
- Update to OpenJDK 17.0.9 with OpenJ9 0.41.0 virtual machine
- Including Oracle October 2023 CPU changes
* CVE-2023-22081, boo#1216374
* CVE-2023-22025, boo#1216339
- Including Openj9 0.41.0 fixes of CVE-2023-5676, boo#1217214
* For other OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.41
- Update to OpenJDK 17.0.8.1 with OpenJ9 0.40.0 virtual machine
* JDK-8313765: Invalid CEN header (invalid zip64 extra data
field size)
- Update to OpenJDK 17.0.8 with OpenJ9 0.40.0 virtual machine
- Including Oracle July 2023 CPU changes
* CVE-2023-22006 (boo#1213473), CVE-2023-22036 (boo#1213474),
CVE-2023-22041 (boo#1213475), CVE-2023-22044 (boo#1213479),
CVE-2023-22045 (boo#1213481), CVE-2023-22049 (boo#1213482),
CVE-2023-25193 (boo#1207922)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.40
- Update to OpenJDK 17.0.7 with OpenJ9 0.38.0 virtual machine
- Including Oracle April 2023 CPU changes
* CVE-2023-21930 (boo#1210628), CVE-2023-21937 (boo#1210631),
CVE-2023-21938 (boo#1210632), CVE-2023-21939 (boo#1210634),
CVE-2023-21954 (boo#1210635), CVE-2023-21967 (boo#1210636),
CVE-2023-21968 (boo#1210637)
* OpenJ9 specific vulnerability: CVE-2023-2597 (boo#1211615)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.38
- Update to OpenJDK 17.0.6 with OpenJ9 0.36.0 virtual machine
* including Oracle January 2023 CPU changes
+ CVE-2023-21835, boo#1207246
+ CVE-2023-21843, boo#1207248
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.36
- Update to OpenJDK 17.0.5 with OpenJ9 0.35.0 virtual machine
* Including Oracle October 2022 CPU changes
CVE-2022-21618 (boo#1204468), CVE-2022-21619 (boo#1204473),
CVE-2022-21626 (boo#1204471), CVE-2022-21624 (boo#1204475),
CVE-2022-21628 (boo#1204472), CVE-2022-39399 (boo#1204480)
* Fixes OpenJ9 vulnerability boo#1204703, CVE-2022-3676
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.35
Patchnames
openSUSE-2025-67
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-17-openj9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-17-openj9 fixes the following issues:\n\n- Update to OpenJDK 17.0.14 with OpenJ9 0.49.0 virtual machine\n- Including Oracle October 2024 and January 2025 CPU changes\n * CVE-2024-21208 (boo#1231702), CVE-2024-21210 (boo#1231711),\n CVE-2024-21217 (boo#1231716), CVE-2024-21235 (boo#1231719),\n CVE-2025-21502 (boo#1236278)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.49/\n\n- Update to OpenJDK 17.0.12 with OpenJ9 0.46.0 virtual machine\n- Including Oracle July 2024 CPU changes\n * CVE-2024-21131 (boo#1228046), CVE-2024-21138 (boo#1228047),\n CVE-2024-21140 (boo#1228048), CVE-2024-21147 (boo#1228052),\n CVE-2024-21145 (boo#1228051)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.46/\n\n- Update to OpenJDK 17.0.11 with OpenJ9 0.44.0 virtual machine\n- Including Oracle April 2024 CPU changes\n * CVE-2024-21012 (boo#1222987), CVE-2024-21094 (boo#1222986),\n CVE-2024-21011 (boo#1222979), CVE-2024-21068 (boo#1222983)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.44/\n\n- Update to OpenJDK 17.0.10 with OpenJ9 0.43.0 virtual machine\n- Including Oracle January 2024 CPU changes\n * CVE-2024-20918 (boo#1218907), CVE-2024-20919 (boo#1218903),\n CVE-2024-20921 (boo#1218905), CVE-2024-20932 (boo#1218908),\n CVE-2024-20945 (boo#1218909), CVE-2024-20952 (boo#1218911)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.43/\n\n- Update to OpenJDK 17.0.9 with OpenJ9 0.41.0 virtual machine\n- Including Oracle October 2023 CPU changes\n * CVE-2023-22081, boo#1216374\n * CVE-2023-22025, boo#1216339\n- Including Openj9 0.41.0 fixes of CVE-2023-5676, boo#1217214\n * For other OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.41 \n\n- Update to OpenJDK 17.0.8.1 with OpenJ9 0.40.0 virtual machine\n * JDK-8313765: Invalid CEN header (invalid zip64 extra data\n field size)\n\n- Update to OpenJDK 17.0.8 with OpenJ9 0.40.0 virtual machine\n- Including Oracle July 2023 CPU changes\n * CVE-2023-22006 (boo#1213473), CVE-2023-22036 (boo#1213474),\n CVE-2023-22041 (boo#1213475), CVE-2023-22044 (boo#1213479),\n CVE-2023-22045 (boo#1213481), CVE-2023-22049 (boo#1213482),\n CVE-2023-25193 (boo#1207922)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.40\n\n- Update to OpenJDK 17.0.7 with OpenJ9 0.38.0 virtual machine\n- Including Oracle April 2023 CPU changes\n * CVE-2023-21930 (boo#1210628), CVE-2023-21937 (boo#1210631),\n CVE-2023-21938 (boo#1210632), CVE-2023-21939 (boo#1210634),\n CVE-2023-21954 (boo#1210635), CVE-2023-21967 (boo#1210636),\n CVE-2023-21968 (boo#1210637)\n * OpenJ9 specific vulnerability: CVE-2023-2597 (boo#1211615)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.38\n\n- Update to OpenJDK 17.0.6 with OpenJ9 0.36.0 virtual machine\n * including Oracle January 2023 CPU changes\n + CVE-2023-21835, boo#1207246\n + CVE-2023-21843, boo#1207248\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.36\n\n- Update to OpenJDK 17.0.5 with OpenJ9 0.35.0 virtual machine\n * Including Oracle October 2022 CPU changes\n CVE-2022-21618 (boo#1204468), CVE-2022-21619 (boo#1204473),\n CVE-2022-21626 (boo#1204471), CVE-2022-21624 (boo#1204475),\n CVE-2022-21628 (boo#1204472), CVE-2022-39399 (boo#1204480)\n * Fixes OpenJ9 vulnerability boo#1204703, CVE-2022-3676\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.35\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2025-67",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0067-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:0067-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XA5CCGSPUXUTQHDG25O5DM4G37BLRUMN/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:0067-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XA5CCGSPUXUTQHDG25O5DM4G37BLRUMN/"
},
{
"category": "self",
"summary": "SUSE Bug 1204468",
"url": "https://bugzilla.suse.com/1204468"
},
{
"category": "self",
"summary": "SUSE Bug 1204471",
"url": "https://bugzilla.suse.com/1204471"
},
{
"category": "self",
"summary": "SUSE Bug 1204472",
"url": "https://bugzilla.suse.com/1204472"
},
{
"category": "self",
"summary": "SUSE Bug 1204473",
"url": "https://bugzilla.suse.com/1204473"
},
{
"category": "self",
"summary": "SUSE Bug 1204475",
"url": "https://bugzilla.suse.com/1204475"
},
{
"category": "self",
"summary": "SUSE Bug 1204480",
"url": "https://bugzilla.suse.com/1204480"
},
{
"category": "self",
"summary": "SUSE Bug 1204703",
"url": "https://bugzilla.suse.com/1204703"
},
{
"category": "self",
"summary": "SUSE Bug 1206549",
"url": "https://bugzilla.suse.com/1206549"
},
{
"category": "self",
"summary": "SUSE Bug 1207246",
"url": "https://bugzilla.suse.com/1207246"
},
{
"category": "self",
"summary": "SUSE Bug 1207248",
"url": "https://bugzilla.suse.com/1207248"
},
{
"category": "self",
"summary": "SUSE Bug 1207922",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "self",
"summary": "SUSE Bug 1210628",
"url": "https://bugzilla.suse.com/1210628"
},
{
"category": "self",
"summary": "SUSE Bug 1210631",
"url": "https://bugzilla.suse.com/1210631"
},
{
"category": "self",
"summary": "SUSE Bug 1210632",
"url": "https://bugzilla.suse.com/1210632"
},
{
"category": "self",
"summary": "SUSE Bug 1210634",
"url": "https://bugzilla.suse.com/1210634"
},
{
"category": "self",
"summary": "SUSE Bug 1210635",
"url": "https://bugzilla.suse.com/1210635"
},
{
"category": "self",
"summary": "SUSE Bug 1210636",
"url": "https://bugzilla.suse.com/1210636"
},
{
"category": "self",
"summary": "SUSE Bug 1210637",
"url": "https://bugzilla.suse.com/1210637"
},
{
"category": "self",
"summary": "SUSE Bug 1211615",
"url": "https://bugzilla.suse.com/1211615"
},
{
"category": "self",
"summary": "SUSE Bug 1213470",
"url": "https://bugzilla.suse.com/1213470"
},
{
"category": "self",
"summary": "SUSE Bug 1213473",
"url": "https://bugzilla.suse.com/1213473"
},
{
"category": "self",
"summary": "SUSE Bug 1213474",
"url": "https://bugzilla.suse.com/1213474"
},
{
"category": "self",
"summary": "SUSE Bug 1213475",
"url": "https://bugzilla.suse.com/1213475"
},
{
"category": "self",
"summary": "SUSE Bug 1213479",
"url": "https://bugzilla.suse.com/1213479"
},
{
"category": "self",
"summary": "SUSE Bug 1213481",
"url": "https://bugzilla.suse.com/1213481"
},
{
"category": "self",
"summary": "SUSE Bug 1213482",
"url": "https://bugzilla.suse.com/1213482"
},
{
"category": "self",
"summary": "SUSE Bug 1216339",
"url": "https://bugzilla.suse.com/1216339"
},
{
"category": "self",
"summary": "SUSE Bug 1216374",
"url": "https://bugzilla.suse.com/1216374"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE Bug 1218903",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "self",
"summary": "SUSE Bug 1218905",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "self",
"summary": "SUSE Bug 1218907",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "self",
"summary": "SUSE Bug 1218908",
"url": "https://bugzilla.suse.com/1218908"
},
{
"category": "self",
"summary": "SUSE Bug 1218909",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "self",
"summary": "SUSE Bug 1218911",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "self",
"summary": "SUSE Bug 1222979",
"url": "https://bugzilla.suse.com/1222979"
},
{
"category": "self",
"summary": "SUSE Bug 1222983",
"url": "https://bugzilla.suse.com/1222983"
},
{
"category": "self",
"summary": "SUSE Bug 1222986",
"url": "https://bugzilla.suse.com/1222986"
},
{
"category": "self",
"summary": "SUSE Bug 1222987",
"url": "https://bugzilla.suse.com/1222987"
},
{
"category": "self",
"summary": "SUSE Bug 1228046",
"url": "https://bugzilla.suse.com/1228046"
},
{
"category": "self",
"summary": "SUSE Bug 1228047",
"url": "https://bugzilla.suse.com/1228047"
},
{
"category": "self",
"summary": "SUSE Bug 1228048",
"url": "https://bugzilla.suse.com/1228048"
},
{
"category": "self",
"summary": "SUSE Bug 1228051",
"url": "https://bugzilla.suse.com/1228051"
},
{
"category": "self",
"summary": "SUSE Bug 1228052",
"url": "https://bugzilla.suse.com/1228052"
},
{
"category": "self",
"summary": "SUSE Bug 1231702",
"url": "https://bugzilla.suse.com/1231702"
},
{
"category": "self",
"summary": "SUSE Bug 1231711",
"url": "https://bugzilla.suse.com/1231711"
},
{
"category": "self",
"summary": "SUSE Bug 1231716",
"url": "https://bugzilla.suse.com/1231716"
},
{
"category": "self",
"summary": "SUSE Bug 1231719",
"url": "https://bugzilla.suse.com/1231719"
},
{
"category": "self",
"summary": "SUSE Bug 1236278",
"url": "https://bugzilla.suse.com/1236278"
},
{
"category": "self",
"summary": "SUSE Bug 1236804",
"url": "https://bugzilla.suse.com/1236804"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21618 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21624 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21628 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3676 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39399 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21939 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21954 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21967 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22006 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22025 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22025/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22041 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22044 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22044/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22049 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25193 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20932 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21138 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21145 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21208 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21217 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21235 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21502 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21502/"
}
],
"title": "Security update for java-17-openj9",
"tracking": {
"current_release_date": "2025-02-19T22:53:13Z",
"generator": {
"date": "2025-02-19T22:53:13Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:0067-1",
"initial_release_date": "2025-02-19T22:53:13Z",
"revision_history": [
{
"date": "2025-02-19T22:53:13Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"product": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"product_id": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"product": {
"name": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"product_id": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"product": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"product_id": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"product": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"product_id": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"product": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"product_id": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch"
},
"product_reference": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch"
},
"product_reference": "java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
},
"product_reference": "java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2022-21618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21618"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21618",
"url": "https://www.suse.com/security/cve/CVE-2022-21618"
},
{
"category": "external",
"summary": "SUSE Bug 1204468 for CVE-2022-21618",
"url": "https://bugzilla.suse.com/1204468"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21618",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-21618"
},
{
"cve": "CVE-2022-21619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21619"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21619",
"url": "https://www.suse.com/security/cve/CVE-2022-21619"
},
{
"category": "external",
"summary": "SUSE Bug 1204473 for CVE-2022-21619",
"url": "https://bugzilla.suse.com/1204473"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21619",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2022-21619"
},
{
"cve": "CVE-2022-21624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21624"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21624",
"url": "https://www.suse.com/security/cve/CVE-2022-21624"
},
{
"category": "external",
"summary": "SUSE Bug 1204475 for CVE-2022-21624",
"url": "https://bugzilla.suse.com/1204475"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21624",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2022-21624"
},
{
"cve": "CVE-2022-21626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21626"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21626",
"url": "https://www.suse.com/security/cve/CVE-2022-21626"
},
{
"category": "external",
"summary": "SUSE Bug 1204471 for CVE-2022-21626",
"url": "https://bugzilla.suse.com/1204471"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21626",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-21626"
},
{
"cve": "CVE-2022-21628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21628"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21628",
"url": "https://www.suse.com/security/cve/CVE-2022-21628"
},
{
"category": "external",
"summary": "SUSE Bug 1204472 for CVE-2022-21628",
"url": "https://bugzilla.suse.com/1204472"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21628",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-21628"
},
{
"cve": "CVE-2022-3676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3676",
"url": "https://www.suse.com/security/cve/CVE-2022-3676"
},
{
"category": "external",
"summary": "SUSE Bug 1204703 for CVE-2022-3676",
"url": "https://bugzilla.suse.com/1204703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2022-3676"
},
{
"cve": "CVE-2022-39399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39399"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39399",
"url": "https://www.suse.com/security/cve/CVE-2022-39399"
},
{
"category": "external",
"summary": "SUSE Bug 1204480 for CVE-2022-39399",
"url": "https://bugzilla.suse.com/1204480"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-39399",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2022-39399"
},
{
"cve": "CVE-2023-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21835"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21835",
"url": "https://www.suse.com/security/cve/CVE-2023-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1207246 for CVE-2023-21835",
"url": "https://bugzilla.suse.com/1207246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-21835"
},
{
"cve": "CVE-2023-21843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21843"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21843",
"url": "https://www.suse.com/security/cve/CVE-2023-21843"
},
{
"category": "external",
"summary": "SUSE Bug 1207248 for CVE-2023-21843",
"url": "https://bugzilla.suse.com/1207248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21930"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21930",
"url": "https://www.suse.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1210628 for CVE-2023-21930",
"url": "https://bugzilla.suse.com/1210628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21937"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21937",
"url": "https://www.suse.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1210631 for CVE-2023-21937",
"url": "https://bugzilla.suse.com/1210631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21938"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21938",
"url": "https://www.suse.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1210632 for CVE-2023-21938",
"url": "https://bugzilla.suse.com/1210632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21939"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21939",
"url": "https://www.suse.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "SUSE Bug 1210634 for CVE-2023-21939",
"url": "https://bugzilla.suse.com/1210634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-21954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21954"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21954",
"url": "https://www.suse.com/security/cve/CVE-2023-21954"
},
{
"category": "external",
"summary": "SUSE Bug 1210635 for CVE-2023-21954",
"url": "https://bugzilla.suse.com/1210635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21967"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21967",
"url": "https://www.suse.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "SUSE Bug 1210636 for CVE-2023-21967",
"url": "https://bugzilla.suse.com/1210636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21968"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21968",
"url": "https://www.suse.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1210637 for CVE-2023-21968",
"url": "https://bugzilla.suse.com/1210637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-22006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22006"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22006",
"url": "https://www.suse.com/security/cve/CVE-2023-22006"
},
{
"category": "external",
"summary": "SUSE Bug 1213473 for CVE-2023-22006",
"url": "https://bugzilla.suse.com/1213473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-22006"
},
{
"cve": "CVE-2023-22025",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22025"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22025",
"url": "https://www.suse.com/security/cve/CVE-2023-22025"
},
{
"category": "external",
"summary": "SUSE Bug 1216339 for CVE-2023-22025",
"url": "https://bugzilla.suse.com/1216339"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-22025"
},
{
"cve": "CVE-2023-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22036"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22036",
"url": "https://www.suse.com/security/cve/CVE-2023-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1213474 for CVE-2023-22036",
"url": "https://bugzilla.suse.com/1213474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-22036"
},
{
"cve": "CVE-2023-22041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22041"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22041",
"url": "https://www.suse.com/security/cve/CVE-2023-22041"
},
{
"category": "external",
"summary": "SUSE Bug 1213475 for CVE-2023-22041",
"url": "https://bugzilla.suse.com/1213475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-22041"
},
{
"cve": "CVE-2023-22044",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22044"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22044",
"url": "https://www.suse.com/security/cve/CVE-2023-22044"
},
{
"category": "external",
"summary": "SUSE Bug 1213479 for CVE-2023-22044",
"url": "https://bugzilla.suse.com/1213479"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-22044"
},
{
"cve": "CVE-2023-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22045"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22045",
"url": "https://www.suse.com/security/cve/CVE-2023-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1213481 for CVE-2023-22045",
"url": "https://bugzilla.suse.com/1213481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-22045"
},
{
"cve": "CVE-2023-22049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22049"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22049",
"url": "https://www.suse.com/security/cve/CVE-2023-22049"
},
{
"category": "external",
"summary": "SUSE Bug 1213482 for CVE-2023-22049",
"url": "https://bugzilla.suse.com/1213482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2023-22049"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-25193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25193"
}
],
"notes": [
{
"category": "general",
"text": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25193",
"url": "https://www.suse.com/security/cve/CVE-2023-25193"
},
{
"category": "external",
"summary": "SUSE Bug 1207922 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "external",
"summary": "SUSE Bug 1213939 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1213939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2023-25193"
},
{
"cve": "CVE-2023-2597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2597"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2597",
"url": "https://www.suse.com/security/cve/CVE-2023-2597"
},
{
"category": "external",
"summary": "SUSE Bug 1211615 for CVE-2023-2597",
"url": "https://bugzilla.suse.com/1211615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2023-2597"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2024-20918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20918"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20918",
"url": "https://www.suse.com/security/cve/CVE-2024-20918"
},
{
"category": "external",
"summary": "SUSE Bug 1218907 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20919"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20919",
"url": "https://www.suse.com/security/cve/CVE-2024-20919"
},
{
"category": "external",
"summary": "SUSE Bug 1218903 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20921"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20921",
"url": "https://www.suse.com/security/cve/CVE-2024-20921"
},
{
"category": "external",
"summary": "SUSE Bug 1218905 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20932"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20932",
"url": "https://www.suse.com/security/cve/CVE-2024-20932"
},
{
"category": "external",
"summary": "SUSE Bug 1218908 for CVE-2024-20932",
"url": "https://bugzilla.suse.com/1218908"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20932",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2024-20932"
},
{
"cve": "CVE-2024-20945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20945"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20945",
"url": "https://www.suse.com/security/cve/CVE-2024-20945"
},
{
"category": "external",
"summary": "SUSE Bug 1218909 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20952"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20952",
"url": "https://www.suse.com/security/cve/CVE-2024-20952"
},
{
"category": "external",
"summary": "SUSE Bug 1218911 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-21011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21011"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21011",
"url": "https://www.suse.com/security/cve/CVE-2024-21011"
},
{
"category": "external",
"summary": "SUSE Bug 1222979 for CVE-2024-21011",
"url": "https://bugzilla.suse.com/1222979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21011"
},
{
"cve": "CVE-2024-21012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21012"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21012",
"url": "https://www.suse.com/security/cve/CVE-2024-21012"
},
{
"category": "external",
"summary": "SUSE Bug 1222987 for CVE-2024-21012",
"url": "https://bugzilla.suse.com/1222987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21012"
},
{
"cve": "CVE-2024-21068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21068"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21068",
"url": "https://www.suse.com/security/cve/CVE-2024-21068"
},
{
"category": "external",
"summary": "SUSE Bug 1222983 for CVE-2024-21068",
"url": "https://bugzilla.suse.com/1222983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21068"
},
{
"cve": "CVE-2024-21094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21094"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21094",
"url": "https://www.suse.com/security/cve/CVE-2024-21094"
},
{
"category": "external",
"summary": "SUSE Bug 1222986 for CVE-2024-21094",
"url": "https://bugzilla.suse.com/1222986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21094"
},
{
"cve": "CVE-2024-21131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21131"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21131",
"url": "https://www.suse.com/security/cve/CVE-2024-21131"
},
{
"category": "external",
"summary": "SUSE Bug 1228046 for CVE-2024-21131",
"url": "https://bugzilla.suse.com/1228046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21131"
},
{
"cve": "CVE-2024-21138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21138"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21138",
"url": "https://www.suse.com/security/cve/CVE-2024-21138"
},
{
"category": "external",
"summary": "SUSE Bug 1228047 for CVE-2024-21138",
"url": "https://bugzilla.suse.com/1228047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "low"
}
],
"title": "CVE-2024-21138"
},
{
"cve": "CVE-2024-21140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21140"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21140",
"url": "https://www.suse.com/security/cve/CVE-2024-21140"
},
{
"category": "external",
"summary": "SUSE Bug 1228048 for CVE-2024-21140",
"url": "https://bugzilla.suse.com/1228048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21140"
},
{
"cve": "CVE-2024-21145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21145"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21145",
"url": "https://www.suse.com/security/cve/CVE-2024-21145"
},
{
"category": "external",
"summary": "SUSE Bug 1228051 for CVE-2024-21145",
"url": "https://bugzilla.suse.com/1228051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21145"
},
{
"cve": "CVE-2024-21147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21147"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21147",
"url": "https://www.suse.com/security/cve/CVE-2024-21147"
},
{
"category": "external",
"summary": "SUSE Bug 1228052 for CVE-2024-21147",
"url": "https://bugzilla.suse.com/1228052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "important"
}
],
"title": "CVE-2024-21147"
},
{
"cve": "CVE-2024-21208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21208"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21208",
"url": "https://www.suse.com/security/cve/CVE-2024-21208"
},
{
"category": "external",
"summary": "SUSE Bug 1231702 for CVE-2024-21208",
"url": "https://bugzilla.suse.com/1231702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21208"
},
{
"cve": "CVE-2024-21210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21210"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21210",
"url": "https://www.suse.com/security/cve/CVE-2024-21210"
},
{
"category": "external",
"summary": "SUSE Bug 1231711 for CVE-2024-21210",
"url": "https://bugzilla.suse.com/1231711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21210"
},
{
"cve": "CVE-2024-21217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21217"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21217",
"url": "https://www.suse.com/security/cve/CVE-2024-21217"
},
{
"category": "external",
"summary": "SUSE Bug 1231716 for CVE-2024-21217",
"url": "https://bugzilla.suse.com/1231716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21217"
},
{
"cve": "CVE-2024-21235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21235"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21235",
"url": "https://www.suse.com/security/cve/CVE-2024-21235"
},
{
"category": "external",
"summary": "SUSE Bug 1231719 for CVE-2024-21235",
"url": "https://bugzilla.suse.com/1231719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2024-21235"
},
{
"cve": "CVE-2025-21502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21502"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21502",
"url": "https://www.suse.com/security/cve/CVE-2025-21502"
},
{
"category": "external",
"summary": "SUSE Bug 1236278 for CVE-2025-21502",
"url": "https://bugzilla.suse.com/1236278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"SUSE Package Hub 15 SP6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-demo-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-devel-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-headless-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-javadoc-17.0.14.0-bp156.3.3.1.noarch",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-jmods-17.0.14.0-bp156.3.3.1.x86_64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.aarch64",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.ppc64le",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.s390x",
"openSUSE Leap 15.6:java-17-openj9-src-17.0.14.0-bp156.3.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-19T22:53:13Z",
"details": "moderate"
}
],
"title": "CVE-2025-21502"
}
]
}
opensuse-su-2025:0066-1
Vulnerability from csaf_opensuse
Published
2025-02-18 16:58
Modified
2025-02-18 16:58
Summary
Security update for java-11-openj9
Notes
Title of the patch
Security update for java-11-openj9
Description of the patch
This update for java-11-openj9 fixes the following issues:
- Update to OpenJDK 11.0.26 with OpenJ9 0.49.0 virtual machine
- Including Oracle October 2024 and January 2025 CPU changes
* CVE-2024-21208 (boo#1231702), CVE-2024-21210 (boo#1231711),
CVE-2024-21217 (boo#1231716), CVE-2024-21235 (boo#1231719),
CVE-2025-21502 (boo#1236278)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.49/
- Update to OpenJDK 11.0.24 with OpenJ9 0.46.0 virtual machine
- Including Oracle July 2024 CPU changes
* CVE-2024-21131 (boo#1228046), CVE-2024-21138 (boo#1228047),
CVE-2024-21140 (boo#1228048), CVE-2024-21144 (boo#1228050),
CVE-2024-21147 (boo#1228052), CVE-2024-21145 (boo#1228051)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.46/
- Update to OpenJDK 11.0.23 with OpenJ9 0.44.0 virtual machine
- Including Oracle April 2024 CPU changes
* CVE-2024-21012 (boo#1222987), CVE-2024-21094 (boo#1222986),
CVE-2024-21011 (boo#1222979), CVE-2024-21085 (boo#1222984),
CVE-2024-21068 (boo#1222983)
- Including OpenJ9/OMR specific fix:
* CVE-2024-3933 (boo#1225470)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.44/
- Update to OpenJDK 11.0.22 with OpenJ9 0.43.0 virtual machine
- Including Oracle January 2024 CPU changes
* CVE-2024-20918 (boo#1218907), CVE-2024-20919 (boo#1218903),
CVE-2024-20921 (boo#1218905), CVE-2024-20926 (boo#1218906),
CVE-2024-20945 (boo#1218909), CVE-2024-20952 (boo#1218911)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.43/
- Remove the possibility to put back removes JavaEE modules, since
our Java stack does not need this hack any more
- Update to OpenJDK 11.0.21 with OpenJ9 0.41.0 virtual machine
- Including Oracle October 2023 CPU changes
* CVE-2023-22081, boo#1216374
- Including Openj9 0.41.0 fixes of CVE-2023-5676, boo#1217214
* For other OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.41
- Update to OpenJDK 11.0.20.1 with OpenJ9 0.40.0 virtual machine
* JDK-8313765: Invalid CEN header (invalid zip64 extra data
field size)
- Update to OpenJDK 11.0.20 with OpenJ9 0.40.0 virtual machine
- Including Oracle April 2023 CPU changes
* CVE-2023-22006 (boo#1213473), CVE-2023-22036 (boo#1213474),
CVE-2023-22041 (boo#1213475), CVE-2023-22045 (boo#1213481),
CVE-2023-22049 (boo#1213482), CVE-2023-25193 (boo#1207922)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.40
- Update to OpenJDK 11.0.19 with OpenJ9 0.38.0 virtual machine
- Including Oracle April 2023 CPU changes
* CVE-2023-21930 (boo#1210628), CVE-2023-21937 (boo#1210631),
CVE-2023-21938 (boo#1210632), CVE-2023-21939 (boo#1210634),
CVE-2023-21954 (boo#1210635), CVE-2023-21967 (boo#1210636),
CVE-2023-21968 (boo#1210637)
* OpenJ9 specific vulnerability: CVE-2023-2597 (boo#1211615)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.38
- Update to OpenJDK 11.0.18 with OpenJ9 0.36.1 virtual machine
* Including Oracle January 2023 CPU changes
+ CVE-2023-21835, boo#1207246
+ CVE-2023-21843, boo#1207248
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.36
- Update to OpenJDK 11.0.17 with OpenJ9 0.35.0 virtual machine
* Including Oracle October 2022 CPU changes
CVE-2022-21618 (boo#1204468), CVE-2022-21619 (boo#1204473),
CVE-2022-21626 (boo#1204471), CVE-2022-21624 (boo#1204475),
CVE-2022-21628 (boo#1204472), CVE-2022-39399 (boo#1204480)
* Fixes OpenJ9 vulnerability boo#1204703, CVE-2022-3676
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.35
- Update to OpenJDK 11.0.16 with OpenJ9 0.33.0 virtual machine
* Including Oracle July 2022 CPU changes
CVE-2022-21540 (boo#1201694), CVE-2022-21541 (boo#1201692),
CVE-2022-34169 (boo#1201684)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.33
- Update to OpenJDK 11.0.15 with OpenJ9 0.32.0 virtual machine
* Fixes boo#1198935, CVE-2021-41041: unverified methods can be
invoked using MethodHandles
* Including Oracle April 2022 CPU fixes
CVE-2022-21426 (boo#1198672), CVE-2022-21434 (boo#1198674),
CVE-2022-21443 (boo#1198675), CVE-2022-21476 (boo#1198671),
CVE-2022-21496 (boo#1198673)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.32
- Update to OpenJDK 11.0.14.1 with OpenJ9 0.30.1 virtual machine
* including Oracle January 2022 CPU changes (boo#1194925,
boo#1194926, boo#1194927, boo#1194928, boo#1194929, boo#1194930,
boo#1194931, boo#1194932, boo#1194933, boo#1194934, boo#1194935,
boo#1194937, boo#1194939, boo#1194940, boo#1194941)
* OpenJ9 changes see
https://www.eclipse.org/openj9/docs/version0.30.1
- Update to OpenJDK 11.0.13 with OpenJ9 0.29.0 virtual machine
* including Oracle July 2021 and October 2021 CPU changes
(boo#1188564, boo#1188565, boo#1188566, boo#1191901,
boo#1191909, boo#1191910, boo#1191911, boo#1191912,
boo#1191913, boo#1191903, boo#1191904, boo#1191914,
boo#1191906)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.29
- Update to OpenJDK 11.0.11 with OpenJ9 0.26.0 virtual machine
* including Oracle April 2021 CPU changes (boo#1185055 and
boo#1185056)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.26
- Update to OpenJDK 11.0.10 with OpenJ9 0.24.0 virtual machine
* including Oracle January 2021 CPU changes (boo#1181239)
* OpenJ9 changes, see
https://www.eclipse.org/openj9/docs/version0.24
Patchnames
openSUSE-2025-66
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for java-11-openj9",
"title": "Title of the patch"
},
{
"category": "description",
"text": "This update for java-11-openj9 fixes the following issues:\n\n- Update to OpenJDK 11.0.26 with OpenJ9 0.49.0 virtual machine\n- Including Oracle October 2024 and January 2025 CPU changes\n * CVE-2024-21208 (boo#1231702), CVE-2024-21210 (boo#1231711),\n CVE-2024-21217 (boo#1231716), CVE-2024-21235 (boo#1231719),\n CVE-2025-21502 (boo#1236278)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.49/\n\n- Update to OpenJDK 11.0.24 with OpenJ9 0.46.0 virtual machine\n- Including Oracle July 2024 CPU changes\n * CVE-2024-21131 (boo#1228046), CVE-2024-21138 (boo#1228047),\n CVE-2024-21140 (boo#1228048), CVE-2024-21144 (boo#1228050),\n CVE-2024-21147 (boo#1228052), CVE-2024-21145 (boo#1228051)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.46/\n\n- Update to OpenJDK 11.0.23 with OpenJ9 0.44.0 virtual machine\n- Including Oracle April 2024 CPU changes\n * CVE-2024-21012 (boo#1222987), CVE-2024-21094 (boo#1222986),\n CVE-2024-21011 (boo#1222979), CVE-2024-21085 (boo#1222984),\n CVE-2024-21068 (boo#1222983)\n- Including OpenJ9/OMR specific fix:\n * CVE-2024-3933 (boo#1225470)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.44/\n\n- Update to OpenJDK 11.0.22 with OpenJ9 0.43.0 virtual machine\n- Including Oracle January 2024 CPU changes\n * CVE-2024-20918 (boo#1218907), CVE-2024-20919 (boo#1218903),\n CVE-2024-20921 (boo#1218905), CVE-2024-20926 (boo#1218906),\n CVE-2024-20945 (boo#1218909), CVE-2024-20952 (boo#1218911)\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.43/\n- Remove the possibility to put back removes JavaEE modules, since\n our Java stack does not need this hack any more\n\n- Update to OpenJDK 11.0.21 with OpenJ9 0.41.0 virtual machine\n- Including Oracle October 2023 CPU changes\n * CVE-2023-22081, boo#1216374\n- Including Openj9 0.41.0 fixes of CVE-2023-5676, boo#1217214\n * For other OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.41 \n\n- Update to OpenJDK 11.0.20.1 with OpenJ9 0.40.0 virtual machine\n * JDK-8313765: Invalid CEN header (invalid zip64 extra data\n field size)\n\n- Update to OpenJDK 11.0.20 with OpenJ9 0.40.0 virtual machine\n- Including Oracle April 2023 CPU changes\n * CVE-2023-22006 (boo#1213473), CVE-2023-22036 (boo#1213474),\n CVE-2023-22041 (boo#1213475), CVE-2023-22045 (boo#1213481),\n CVE-2023-22049 (boo#1213482), CVE-2023-25193 (boo#1207922)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.40\n\n- Update to OpenJDK 11.0.19 with OpenJ9 0.38.0 virtual machine\n- Including Oracle April 2023 CPU changes\n * CVE-2023-21930 (boo#1210628), CVE-2023-21937 (boo#1210631),\n CVE-2023-21938 (boo#1210632), CVE-2023-21939 (boo#1210634),\n CVE-2023-21954 (boo#1210635), CVE-2023-21967 (boo#1210636),\n CVE-2023-21968 (boo#1210637)\n * OpenJ9 specific vulnerability: CVE-2023-2597 (boo#1211615)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.38\n\n- Update to OpenJDK 11.0.18 with OpenJ9 0.36.1 virtual machine\n * Including Oracle January 2023 CPU changes\n + CVE-2023-21835, boo#1207246\n + CVE-2023-21843, boo#1207248\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.36\n\n- Update to OpenJDK 11.0.17 with OpenJ9 0.35.0 virtual machine\n * Including Oracle October 2022 CPU changes\n CVE-2022-21618 (boo#1204468), CVE-2022-21619 (boo#1204473),\n CVE-2022-21626 (boo#1204471), CVE-2022-21624 (boo#1204475),\n CVE-2022-21628 (boo#1204472), CVE-2022-39399 (boo#1204480)\n * Fixes OpenJ9 vulnerability boo#1204703, CVE-2022-3676\n * OpenJ9 changes, see \n https://www.eclipse.org/openj9/docs/version0.35\n\n- Update to OpenJDK 11.0.16 with OpenJ9 0.33.0 virtual machine\n * Including Oracle July 2022 CPU changes\n CVE-2022-21540 (boo#1201694), CVE-2022-21541 (boo#1201692),\n CVE-2022-34169 (boo#1201684)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.33\n\n- Update to OpenJDK 11.0.15 with OpenJ9 0.32.0 virtual machine\n * Fixes boo#1198935, CVE-2021-41041: unverified methods can be\n invoked using MethodHandles\n * Including Oracle April 2022 CPU fixes\n CVE-2022-21426 (boo#1198672), CVE-2022-21434 (boo#1198674),\n CVE-2022-21443 (boo#1198675), CVE-2022-21476 (boo#1198671),\n CVE-2022-21496 (boo#1198673)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.32\n\n- Update to OpenJDK 11.0.14.1 with OpenJ9 0.30.1 virtual machine\n * including Oracle January 2022 CPU changes (boo#1194925,\n boo#1194926, boo#1194927, boo#1194928, boo#1194929, boo#1194930,\n boo#1194931, boo#1194932, boo#1194933, boo#1194934, boo#1194935,\n boo#1194937, boo#1194939, boo#1194940, boo#1194941)\n * OpenJ9 changes see\n https://www.eclipse.org/openj9/docs/version0.30.1\n\n- Update to OpenJDK 11.0.13 with OpenJ9 0.29.0 virtual machine\n * including Oracle July 2021 and October 2021 CPU changes\n (boo#1188564, boo#1188565, boo#1188566, boo#1191901,\n boo#1191909, boo#1191910, boo#1191911, boo#1191912,\n boo#1191913, boo#1191903, boo#1191904, boo#1191914,\n boo#1191906)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.29\n\n- Update to OpenJDK 11.0.11 with OpenJ9 0.26.0 virtual machine\n * including Oracle April 2021 CPU changes (boo#1185055 and\n boo#1185056)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.26\n\n- Update to OpenJDK 11.0.10 with OpenJ9 0.24.0 virtual machine\n * including Oracle January 2021 CPU changes (boo#1181239)\n * OpenJ9 changes, see\n https://www.eclipse.org/openj9/docs/version0.24\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "openSUSE-2025-66",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2025_0066-1.json"
},
{
"category": "self",
"summary": "URL for openSUSE-SU-2025:0066-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GS63GCBRVH7N4JEIZNQAPVFNNVB2OGSU/"
},
{
"category": "self",
"summary": "E-Mail link for openSUSE-SU-2025:0066-1",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/GS63GCBRVH7N4JEIZNQAPVFNNVB2OGSU/"
},
{
"category": "self",
"summary": "SUSE Bug 1181239",
"url": "https://bugzilla.suse.com/1181239"
},
{
"category": "self",
"summary": "SUSE Bug 1185055",
"url": "https://bugzilla.suse.com/1185055"
},
{
"category": "self",
"summary": "SUSE Bug 1185056",
"url": "https://bugzilla.suse.com/1185056"
},
{
"category": "self",
"summary": "SUSE Bug 1188564",
"url": "https://bugzilla.suse.com/1188564"
},
{
"category": "self",
"summary": "SUSE Bug 1188565",
"url": "https://bugzilla.suse.com/1188565"
},
{
"category": "self",
"summary": "SUSE Bug 1188566",
"url": "https://bugzilla.suse.com/1188566"
},
{
"category": "self",
"summary": "SUSE Bug 1191901",
"url": "https://bugzilla.suse.com/1191901"
},
{
"category": "self",
"summary": "SUSE Bug 1191903",
"url": "https://bugzilla.suse.com/1191903"
},
{
"category": "self",
"summary": "SUSE Bug 1191904",
"url": "https://bugzilla.suse.com/1191904"
},
{
"category": "self",
"summary": "SUSE Bug 1191906",
"url": "https://bugzilla.suse.com/1191906"
},
{
"category": "self",
"summary": "SUSE Bug 1191909",
"url": "https://bugzilla.suse.com/1191909"
},
{
"category": "self",
"summary": "SUSE Bug 1191910",
"url": "https://bugzilla.suse.com/1191910"
},
{
"category": "self",
"summary": "SUSE Bug 1191911",
"url": "https://bugzilla.suse.com/1191911"
},
{
"category": "self",
"summary": "SUSE Bug 1191912",
"url": "https://bugzilla.suse.com/1191912"
},
{
"category": "self",
"summary": "SUSE Bug 1191913",
"url": "https://bugzilla.suse.com/1191913"
},
{
"category": "self",
"summary": "SUSE Bug 1191914",
"url": "https://bugzilla.suse.com/1191914"
},
{
"category": "self",
"summary": "SUSE Bug 1194925",
"url": "https://bugzilla.suse.com/1194925"
},
{
"category": "self",
"summary": "SUSE Bug 1194926",
"url": "https://bugzilla.suse.com/1194926"
},
{
"category": "self",
"summary": "SUSE Bug 1194927",
"url": "https://bugzilla.suse.com/1194927"
},
{
"category": "self",
"summary": "SUSE Bug 1194928",
"url": "https://bugzilla.suse.com/1194928"
},
{
"category": "self",
"summary": "SUSE Bug 1194929",
"url": "https://bugzilla.suse.com/1194929"
},
{
"category": "self",
"summary": "SUSE Bug 1194930",
"url": "https://bugzilla.suse.com/1194930"
},
{
"category": "self",
"summary": "SUSE Bug 1194931",
"url": "https://bugzilla.suse.com/1194931"
},
{
"category": "self",
"summary": "SUSE Bug 1194932",
"url": "https://bugzilla.suse.com/1194932"
},
{
"category": "self",
"summary": "SUSE Bug 1194933",
"url": "https://bugzilla.suse.com/1194933"
},
{
"category": "self",
"summary": "SUSE Bug 1194934",
"url": "https://bugzilla.suse.com/1194934"
},
{
"category": "self",
"summary": "SUSE Bug 1194935",
"url": "https://bugzilla.suse.com/1194935"
},
{
"category": "self",
"summary": "SUSE Bug 1194937",
"url": "https://bugzilla.suse.com/1194937"
},
{
"category": "self",
"summary": "SUSE Bug 1194939",
"url": "https://bugzilla.suse.com/1194939"
},
{
"category": "self",
"summary": "SUSE Bug 1194940",
"url": "https://bugzilla.suse.com/1194940"
},
{
"category": "self",
"summary": "SUSE Bug 1194941",
"url": "https://bugzilla.suse.com/1194941"
},
{
"category": "self",
"summary": "SUSE Bug 1198671",
"url": "https://bugzilla.suse.com/1198671"
},
{
"category": "self",
"summary": "SUSE Bug 1198672",
"url": "https://bugzilla.suse.com/1198672"
},
{
"category": "self",
"summary": "SUSE Bug 1198673",
"url": "https://bugzilla.suse.com/1198673"
},
{
"category": "self",
"summary": "SUSE Bug 1198674",
"url": "https://bugzilla.suse.com/1198674"
},
{
"category": "self",
"summary": "SUSE Bug 1198675",
"url": "https://bugzilla.suse.com/1198675"
},
{
"category": "self",
"summary": "SUSE Bug 1198935",
"url": "https://bugzilla.suse.com/1198935"
},
{
"category": "self",
"summary": "SUSE Bug 1201684",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "self",
"summary": "SUSE Bug 1201692",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "self",
"summary": "SUSE Bug 1201694",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "self",
"summary": "SUSE Bug 1204468",
"url": "https://bugzilla.suse.com/1204468"
},
{
"category": "self",
"summary": "SUSE Bug 1204471",
"url": "https://bugzilla.suse.com/1204471"
},
{
"category": "self",
"summary": "SUSE Bug 1204472",
"url": "https://bugzilla.suse.com/1204472"
},
{
"category": "self",
"summary": "SUSE Bug 1204473",
"url": "https://bugzilla.suse.com/1204473"
},
{
"category": "self",
"summary": "SUSE Bug 1204475",
"url": "https://bugzilla.suse.com/1204475"
},
{
"category": "self",
"summary": "SUSE Bug 1204480",
"url": "https://bugzilla.suse.com/1204480"
},
{
"category": "self",
"summary": "SUSE Bug 1204703",
"url": "https://bugzilla.suse.com/1204703"
},
{
"category": "self",
"summary": "SUSE Bug 1206549",
"url": "https://bugzilla.suse.com/1206549"
},
{
"category": "self",
"summary": "SUSE Bug 1207246",
"url": "https://bugzilla.suse.com/1207246"
},
{
"category": "self",
"summary": "SUSE Bug 1207248",
"url": "https://bugzilla.suse.com/1207248"
},
{
"category": "self",
"summary": "SUSE Bug 1207922",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "self",
"summary": "SUSE Bug 1210628",
"url": "https://bugzilla.suse.com/1210628"
},
{
"category": "self",
"summary": "SUSE Bug 1210631",
"url": "https://bugzilla.suse.com/1210631"
},
{
"category": "self",
"summary": "SUSE Bug 1210632",
"url": "https://bugzilla.suse.com/1210632"
},
{
"category": "self",
"summary": "SUSE Bug 1210634",
"url": "https://bugzilla.suse.com/1210634"
},
{
"category": "self",
"summary": "SUSE Bug 1210635",
"url": "https://bugzilla.suse.com/1210635"
},
{
"category": "self",
"summary": "SUSE Bug 1210636",
"url": "https://bugzilla.suse.com/1210636"
},
{
"category": "self",
"summary": "SUSE Bug 1210637",
"url": "https://bugzilla.suse.com/1210637"
},
{
"category": "self",
"summary": "SUSE Bug 1211615",
"url": "https://bugzilla.suse.com/1211615"
},
{
"category": "self",
"summary": "SUSE Bug 1213470",
"url": "https://bugzilla.suse.com/1213470"
},
{
"category": "self",
"summary": "SUSE Bug 1213473",
"url": "https://bugzilla.suse.com/1213473"
},
{
"category": "self",
"summary": "SUSE Bug 1213474",
"url": "https://bugzilla.suse.com/1213474"
},
{
"category": "self",
"summary": "SUSE Bug 1213475",
"url": "https://bugzilla.suse.com/1213475"
},
{
"category": "self",
"summary": "SUSE Bug 1213481",
"url": "https://bugzilla.suse.com/1213481"
},
{
"category": "self",
"summary": "SUSE Bug 1213482",
"url": "https://bugzilla.suse.com/1213482"
},
{
"category": "self",
"summary": "SUSE Bug 1216374",
"url": "https://bugzilla.suse.com/1216374"
},
{
"category": "self",
"summary": "SUSE Bug 1217214",
"url": "https://bugzilla.suse.com/1217214"
},
{
"category": "self",
"summary": "SUSE Bug 1218903",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "self",
"summary": "SUSE Bug 1218905",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "self",
"summary": "SUSE Bug 1218906",
"url": "https://bugzilla.suse.com/1218906"
},
{
"category": "self",
"summary": "SUSE Bug 1218907",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "self",
"summary": "SUSE Bug 1218909",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "self",
"summary": "SUSE Bug 1218911",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "self",
"summary": "SUSE Bug 1222979",
"url": "https://bugzilla.suse.com/1222979"
},
{
"category": "self",
"summary": "SUSE Bug 1222983",
"url": "https://bugzilla.suse.com/1222983"
},
{
"category": "self",
"summary": "SUSE Bug 1222984",
"url": "https://bugzilla.suse.com/1222984"
},
{
"category": "self",
"summary": "SUSE Bug 1222986",
"url": "https://bugzilla.suse.com/1222986"
},
{
"category": "self",
"summary": "SUSE Bug 1222987",
"url": "https://bugzilla.suse.com/1222987"
},
{
"category": "self",
"summary": "SUSE Bug 1225470",
"url": "https://bugzilla.suse.com/1225470"
},
{
"category": "self",
"summary": "SUSE Bug 1228046",
"url": "https://bugzilla.suse.com/1228046"
},
{
"category": "self",
"summary": "SUSE Bug 1228047",
"url": "https://bugzilla.suse.com/1228047"
},
{
"category": "self",
"summary": "SUSE Bug 1228048",
"url": "https://bugzilla.suse.com/1228048"
},
{
"category": "self",
"summary": "SUSE Bug 1228050",
"url": "https://bugzilla.suse.com/1228050"
},
{
"category": "self",
"summary": "SUSE Bug 1228051",
"url": "https://bugzilla.suse.com/1228051"
},
{
"category": "self",
"summary": "SUSE Bug 1228052",
"url": "https://bugzilla.suse.com/1228052"
},
{
"category": "self",
"summary": "SUSE Bug 1231702",
"url": "https://bugzilla.suse.com/1231702"
},
{
"category": "self",
"summary": "SUSE Bug 1231711",
"url": "https://bugzilla.suse.com/1231711"
},
{
"category": "self",
"summary": "SUSE Bug 1231716",
"url": "https://bugzilla.suse.com/1231716"
},
{
"category": "self",
"summary": "SUSE Bug 1231719",
"url": "https://bugzilla.suse.com/1231719"
},
{
"category": "self",
"summary": "SUSE Bug 1236278",
"url": "https://bugzilla.suse.com/1236278"
},
{
"category": "self",
"summary": "SUSE Bug 1236804",
"url": "https://bugzilla.suse.com/1236804"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2020-14803 page",
"url": "https://www.suse.com/security/cve/CVE-2020-14803/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2021-41041 page",
"url": "https://www.suse.com/security/cve/CVE-2021-41041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21426 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21426/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21434 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21434/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21443 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21443/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21476 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21476/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21496 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21496/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21540 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21540/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21541 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21541/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21618 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21618/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21619 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21619/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21624 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21624/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21626 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21626/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-21628 page",
"url": "https://www.suse.com/security/cve/CVE-2022-21628/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-34169 page",
"url": "https://www.suse.com/security/cve/CVE-2022-34169/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-3676 page",
"url": "https://www.suse.com/security/cve/CVE-2022-3676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2022-39399 page",
"url": "https://www.suse.com/security/cve/CVE-2022-39399/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21835 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21835/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21843 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21930 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21930/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21937 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21937/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21938 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21938/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21939 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21939/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21954 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21954/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21967 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21967/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-21968 page",
"url": "https://www.suse.com/security/cve/CVE-2023-21968/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22006 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22006/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22036 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22041 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22041/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22045 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22045/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22049 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-22081 page",
"url": "https://www.suse.com/security/cve/CVE-2023-22081/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-25193 page",
"url": "https://www.suse.com/security/cve/CVE-2023-25193/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-2597 page",
"url": "https://www.suse.com/security/cve/CVE-2023-2597/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2023-5676 page",
"url": "https://www.suse.com/security/cve/CVE-2023-5676/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20918 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20918/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20919 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20919/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20921 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20921/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20926 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20926/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20945 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20945/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-20952 page",
"url": "https://www.suse.com/security/cve/CVE-2024-20952/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21011 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21011/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21012 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21012/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21068 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21085 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21085/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21094 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21131 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21131/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21138 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21138/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21140 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21140/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21144 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21144/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21145 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21145/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21147 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21147/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21208 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21208/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21210 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21210/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21217 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21217/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-21235 page",
"url": "https://www.suse.com/security/cve/CVE-2024-21235/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2024-3933 page",
"url": "https://www.suse.com/security/cve/CVE-2024-3933/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-21502 page",
"url": "https://www.suse.com/security/cve/CVE-2025-21502/"
}
],
"title": "Security update for java-11-openj9",
"tracking": {
"current_release_date": "2025-02-18T16:58:15Z",
"generator": {
"date": "2025-02-18T16:58:15Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "openSUSE-SU-2025:0066-1",
"initial_release_date": "2025-02-18T16:58:15Z",
"revision_history": [
{
"date": "2025-02-18T16:58:15Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"product": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"product_id": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"product": {
"name": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"product_id": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"product": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"product_id": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le"
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"product": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"product_id": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64"
}
},
{
"category": "product_version",
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"product": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"product_id": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Package Hub 15 SP6",
"product": {
"name": "SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6"
}
},
{
"category": "product_name",
"name": "openSUSE Leap 15.6",
"product": {
"name": "openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6",
"product_identification_helper": {
"cpe": "cpe:/o:opensuse:leap:15.6"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch"
},
"product_reference": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64 as component of SUSE Package Hub 15 SP6",
"product_id": "SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "SUSE Package Hub 15 SP6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch"
},
"product_reference": "java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"relates_to_product_reference": "openSUSE Leap 15.6"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64 as component of openSUSE Leap 15.6",
"product_id": "openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
},
"product_reference": "java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"relates_to_product_reference": "openSUSE Leap 15.6"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2020-14803",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2020-14803"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 11.0.8 and 15. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2020-14803",
"url": "https://www.suse.com/security/cve/CVE-2020-14803"
},
{
"category": "external",
"summary": "SUSE Bug 1177943 for CVE-2020-14803",
"url": "https://bugzilla.suse.com/1177943"
},
{
"category": "external",
"summary": "SUSE Bug 1181239 for CVE-2020-14803",
"url": "https://bugzilla.suse.com/1181239"
},
{
"category": "external",
"summary": "SUSE Bug 1182186 for CVE-2020-14803",
"url": "https://bugzilla.suse.com/1182186"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2020-14803"
},
{
"cve": "CVE-2021-41041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2021-41041"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Openj9 before version 0.32.0, Java 8 \u0026 11 fail to throw the exception captured during bytecode verification when verification is triggered by a MethodHandle invocation, allowing unverified methods to be invoked using MethodHandles.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2021-41041",
"url": "https://www.suse.com/security/cve/CVE-2021-41041"
},
{
"category": "external",
"summary": "SUSE Bug 1198935 for CVE-2021-41041",
"url": "https://bugzilla.suse.com/1198935"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2021-41041"
},
{
"cve": "CVE-2022-21426",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21426"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21426",
"url": "https://www.suse.com/security/cve/CVE-2022-21426"
},
{
"category": "external",
"summary": "SUSE Bug 1198672 for CVE-2022-21426",
"url": "https://bugzilla.suse.com/1198672"
},
{
"category": "external",
"summary": "SUSE Bug 1201643 for CVE-2022-21426",
"url": "https://bugzilla.suse.com/1201643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21426"
},
{
"cve": "CVE-2022-21434",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21434"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21434",
"url": "https://www.suse.com/security/cve/CVE-2022-21434"
},
{
"category": "external",
"summary": "SUSE Bug 1198674 for CVE-2022-21434",
"url": "https://bugzilla.suse.com/1198674"
},
{
"category": "external",
"summary": "SUSE Bug 1201643 for CVE-2022-21434",
"url": "https://bugzilla.suse.com/1201643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21434"
},
{
"cve": "CVE-2022-21443",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21443"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21443",
"url": "https://www.suse.com/security/cve/CVE-2022-21443"
},
{
"category": "external",
"summary": "SUSE Bug 1198675 for CVE-2022-21443",
"url": "https://bugzilla.suse.com/1198675"
},
{
"category": "external",
"summary": "SUSE Bug 1201643 for CVE-2022-21443",
"url": "https://bugzilla.suse.com/1201643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2022-21443"
},
{
"cve": "CVE-2022-21476",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21476"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21476",
"url": "https://www.suse.com/security/cve/CVE-2022-21476"
},
{
"category": "external",
"summary": "SUSE Bug 1198671 for CVE-2022-21476",
"url": "https://bugzilla.suse.com/1198671"
},
{
"category": "external",
"summary": "SUSE Bug 1201643 for CVE-2022-21476",
"url": "https://bugzilla.suse.com/1201643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2022-21476"
},
{
"cve": "CVE-2022-21496",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21496"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21496",
"url": "https://www.suse.com/security/cve/CVE-2022-21496"
},
{
"category": "external",
"summary": "SUSE Bug 1198673 for CVE-2022-21496",
"url": "https://bugzilla.suse.com/1198673"
},
{
"category": "external",
"summary": "SUSE Bug 1201643 for CVE-2022-21496",
"url": "https://bugzilla.suse.com/1201643"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21496"
},
{
"cve": "CVE-2022-21540",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21540"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21540",
"url": "https://www.suse.com/security/cve/CVE-2022-21540"
},
{
"category": "external",
"summary": "SUSE Bug 1201694 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1201694"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21540",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21540"
},
{
"cve": "CVE-2022-21541",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21541"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21541",
"url": "https://www.suse.com/security/cve/CVE-2022-21541"
},
{
"category": "external",
"summary": "SUSE Bug 1201692 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1201692"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-21541",
"url": "https://bugzilla.suse.com/1202427"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21541"
},
{
"cve": "CVE-2022-21618",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21618"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21618",
"url": "https://www.suse.com/security/cve/CVE-2022-21618"
},
{
"category": "external",
"summary": "SUSE Bug 1204468 for CVE-2022-21618",
"url": "https://bugzilla.suse.com/1204468"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21618",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21618"
},
{
"cve": "CVE-2022-21619",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21619"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21619",
"url": "https://www.suse.com/security/cve/CVE-2022-21619"
},
{
"category": "external",
"summary": "SUSE Bug 1204473 for CVE-2022-21619",
"url": "https://bugzilla.suse.com/1204473"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21619",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2022-21619"
},
{
"cve": "CVE-2022-21624",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21624"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21624",
"url": "https://www.suse.com/security/cve/CVE-2022-21624"
},
{
"category": "external",
"summary": "SUSE Bug 1204475 for CVE-2022-21624",
"url": "https://bugzilla.suse.com/1204475"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21624",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2022-21624"
},
{
"cve": "CVE-2022-21626",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21626"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21626",
"url": "https://www.suse.com/security/cve/CVE-2022-21626"
},
{
"category": "external",
"summary": "SUSE Bug 1204471 for CVE-2022-21626",
"url": "https://bugzilla.suse.com/1204471"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21626",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21626"
},
{
"cve": "CVE-2022-21628",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-21628"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-21628",
"url": "https://www.suse.com/security/cve/CVE-2022-21628"
},
{
"category": "external",
"summary": "SUSE Bug 1204472 for CVE-2022-21628",
"url": "https://bugzilla.suse.com/1204472"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-21628",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-21628"
},
{
"cve": "CVE-2022-34169",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-34169"
}
],
"notes": [
{
"category": "general",
"text": "The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-34169",
"url": "https://www.suse.com/security/cve/CVE-2022-34169"
},
{
"category": "external",
"summary": "SUSE Bug 1201684 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1201684"
},
{
"category": "external",
"summary": "SUSE Bug 1202427 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1202427"
},
{
"category": "external",
"summary": "SUSE Bug 1207688 for CVE-2022-34169",
"url": "https://bugzilla.suse.com/1207688"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2022-34169"
},
{
"cve": "CVE-2022-3676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-3676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Openj9 before version 0.35.0, interface calls can be inlined without a runtime type check. Malicious bytecode could make use of this inlining to access or modify memory via an incompatible type.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-3676",
"url": "https://www.suse.com/security/cve/CVE-2022-3676"
},
{
"category": "external",
"summary": "SUSE Bug 1204703 for CVE-2022-3676",
"url": "https://bugzilla.suse.com/1204703"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2022-3676"
},
{
"cve": "CVE-2022-39399",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2022-39399"
}
],
"notes": [
{
"category": "general",
"text": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2022-39399",
"url": "https://www.suse.com/security/cve/CVE-2022-39399"
},
{
"category": "external",
"summary": "SUSE Bug 1204480 for CVE-2022-39399",
"url": "https://bugzilla.suse.com/1204480"
},
{
"category": "external",
"summary": "SUSE Bug 1205302 for CVE-2022-39399",
"url": "https://bugzilla.suse.com/1205302"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2022-39399"
},
{
"cve": "CVE-2023-21835",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21835"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21835",
"url": "https://www.suse.com/security/cve/CVE-2023-21835"
},
{
"category": "external",
"summary": "SUSE Bug 1207246 for CVE-2023-21835",
"url": "https://bugzilla.suse.com/1207246"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-21835"
},
{
"cve": "CVE-2023-21843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21843"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21843",
"url": "https://www.suse.com/security/cve/CVE-2023-21843"
},
{
"category": "external",
"summary": "SUSE Bug 1207248 for CVE-2023-21843",
"url": "https://bugzilla.suse.com/1207248"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-21843"
},
{
"cve": "CVE-2023-21930",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21930"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21930",
"url": "https://www.suse.com/security/cve/CVE-2023-21930"
},
{
"category": "external",
"summary": "SUSE Bug 1210628 for CVE-2023-21930",
"url": "https://bugzilla.suse.com/1210628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2023-21930"
},
{
"cve": "CVE-2023-21937",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21937"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21937",
"url": "https://www.suse.com/security/cve/CVE-2023-21937"
},
{
"category": "external",
"summary": "SUSE Bug 1210631 for CVE-2023-21937",
"url": "https://bugzilla.suse.com/1210631"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-21937"
},
{
"cve": "CVE-2023-21938",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21938"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21938",
"url": "https://www.suse.com/security/cve/CVE-2023-21938"
},
{
"category": "external",
"summary": "SUSE Bug 1210632 for CVE-2023-21938",
"url": "https://bugzilla.suse.com/1210632"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-21938"
},
{
"cve": "CVE-2023-21939",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21939"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21939",
"url": "https://www.suse.com/security/cve/CVE-2023-21939"
},
{
"category": "external",
"summary": "SUSE Bug 1210634 for CVE-2023-21939",
"url": "https://bugzilla.suse.com/1210634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-21939"
},
{
"cve": "CVE-2023-21954",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21954"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21954",
"url": "https://www.suse.com/security/cve/CVE-2023-21954"
},
{
"category": "external",
"summary": "SUSE Bug 1210635 for CVE-2023-21954",
"url": "https://bugzilla.suse.com/1210635"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-21954"
},
{
"cve": "CVE-2023-21967",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21967"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21967",
"url": "https://www.suse.com/security/cve/CVE-2023-21967"
},
{
"category": "external",
"summary": "SUSE Bug 1210636 for CVE-2023-21967",
"url": "https://bugzilla.suse.com/1210636"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-21967"
},
{
"cve": "CVE-2023-21968",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-21968"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-21968",
"url": "https://www.suse.com/security/cve/CVE-2023-21968"
},
{
"category": "external",
"summary": "SUSE Bug 1210637 for CVE-2023-21968",
"url": "https://bugzilla.suse.com/1210637"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-21968"
},
{
"cve": "CVE-2023-22006",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22006"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22006",
"url": "https://www.suse.com/security/cve/CVE-2023-22006"
},
{
"category": "external",
"summary": "SUSE Bug 1213473 for CVE-2023-22006",
"url": "https://bugzilla.suse.com/1213473"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.1,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-22006"
},
{
"cve": "CVE-2023-22036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22036"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22036",
"url": "https://www.suse.com/security/cve/CVE-2023-22036"
},
{
"category": "external",
"summary": "SUSE Bug 1213474 for CVE-2023-22036",
"url": "https://bugzilla.suse.com/1213474"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-22036"
},
{
"cve": "CVE-2023-22041",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22041"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22041",
"url": "https://www.suse.com/security/cve/CVE-2023-22041"
},
{
"category": "external",
"summary": "SUSE Bug 1213475 for CVE-2023-22041",
"url": "https://bugzilla.suse.com/1213475"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-22041"
},
{
"cve": "CVE-2023-22045",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22045"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22045",
"url": "https://www.suse.com/security/cve/CVE-2023-22045"
},
{
"category": "external",
"summary": "SUSE Bug 1213481 for CVE-2023-22045",
"url": "https://bugzilla.suse.com/1213481"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-22045"
},
{
"cve": "CVE-2023-22049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22049"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22049",
"url": "https://www.suse.com/security/cve/CVE-2023-22049"
},
{
"category": "external",
"summary": "SUSE Bug 1213482 for CVE-2023-22049",
"url": "https://bugzilla.suse.com/1213482"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2023-22049"
},
{
"cve": "CVE-2023-22081",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-22081"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-22081",
"url": "https://www.suse.com/security/cve/CVE-2023-22081"
},
{
"category": "external",
"summary": "SUSE Bug 1216374 for CVE-2023-22081",
"url": "https://bugzilla.suse.com/1216374"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-22081"
},
{
"cve": "CVE-2023-25193",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-25193"
}
],
"notes": [
{
"category": "general",
"text": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-25193",
"url": "https://www.suse.com/security/cve/CVE-2023-25193"
},
{
"category": "external",
"summary": "SUSE Bug 1207922 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1207922"
},
{
"category": "external",
"summary": "SUSE Bug 1213939 for CVE-2023-25193",
"url": "https://bugzilla.suse.com/1213939"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2023-25193"
},
{
"cve": "CVE-2023-2597",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-2597"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse Openj9 before version 0.38.0, in the implementation of the shared cache (which is enabled by default in OpenJ9 builds) the size of a string is not properly checked against the size of the buffer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-2597",
"url": "https://www.suse.com/security/cve/CVE-2023-2597"
},
{
"category": "external",
"summary": "SUSE Bug 1211615 for CVE-2023-2597",
"url": "https://bugzilla.suse.com/1211615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2023-2597"
},
{
"cve": "CVE-2023-5676",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2023-5676"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2023-5676",
"url": "https://www.suse.com/security/cve/CVE-2023-5676"
},
{
"category": "external",
"summary": "SUSE Bug 1217214 for CVE-2023-5676",
"url": "https://bugzilla.suse.com/1217214"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2023-5676"
},
{
"cve": "CVE-2024-20918",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20918"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20918",
"url": "https://www.suse.com/security/cve/CVE-2024-20918"
},
{
"category": "external",
"summary": "SUSE Bug 1218907 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1218907"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20918",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2024-20918"
},
{
"cve": "CVE-2024-20919",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20919"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20919",
"url": "https://www.suse.com/security/cve/CVE-2024-20919"
},
{
"category": "external",
"summary": "SUSE Bug 1218903 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1218903"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20919",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-20919"
},
{
"cve": "CVE-2024-20921",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20921"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20921",
"url": "https://www.suse.com/security/cve/CVE-2024-20921"
},
{
"category": "external",
"summary": "SUSE Bug 1218905 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1218905"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20921",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-20921"
},
{
"cve": "CVE-2024-20926",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20926"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20926",
"url": "https://www.suse.com/security/cve/CVE-2024-20926"
},
{
"category": "external",
"summary": "SUSE Bug 1218906 for CVE-2024-20926",
"url": "https://bugzilla.suse.com/1218906"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20926",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-20926"
},
{
"cve": "CVE-2024-20945",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20945"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20945",
"url": "https://www.suse.com/security/cve/CVE-2024-20945"
},
{
"category": "external",
"summary": "SUSE Bug 1218909 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1218909"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20945",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-20945"
},
{
"cve": "CVE-2024-20952",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-20952"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-20952",
"url": "https://www.suse.com/security/cve/CVE-2024-20952"
},
{
"category": "external",
"summary": "SUSE Bug 1218911 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1218911"
},
{
"category": "external",
"summary": "SUSE Bug 1219843 for CVE-2024-20952",
"url": "https://bugzilla.suse.com/1219843"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2024-20952"
},
{
"cve": "CVE-2024-21011",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21011"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21011",
"url": "https://www.suse.com/security/cve/CVE-2024-21011"
},
{
"category": "external",
"summary": "SUSE Bug 1222979 for CVE-2024-21011",
"url": "https://bugzilla.suse.com/1222979"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21011"
},
{
"cve": "CVE-2024-21012",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21012"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21012",
"url": "https://www.suse.com/security/cve/CVE-2024-21012"
},
{
"category": "external",
"summary": "SUSE Bug 1222987 for CVE-2024-21012",
"url": "https://bugzilla.suse.com/1222987"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21012"
},
{
"cve": "CVE-2024-21068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21068"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21068",
"url": "https://www.suse.com/security/cve/CVE-2024-21068"
},
{
"category": "external",
"summary": "SUSE Bug 1222983 for CVE-2024-21068",
"url": "https://bugzilla.suse.com/1222983"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21068"
},
{
"cve": "CVE-2024-21085",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21085"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21085",
"url": "https://www.suse.com/security/cve/CVE-2024-21085"
},
{
"category": "external",
"summary": "SUSE Bug 1222984 for CVE-2024-21085",
"url": "https://bugzilla.suse.com/1222984"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21085"
},
{
"cve": "CVE-2024-21094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21094"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21094",
"url": "https://www.suse.com/security/cve/CVE-2024-21094"
},
{
"category": "external",
"summary": "SUSE Bug 1222986 for CVE-2024-21094",
"url": "https://bugzilla.suse.com/1222986"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21094"
},
{
"cve": "CVE-2024-21131",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21131"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21131",
"url": "https://www.suse.com/security/cve/CVE-2024-21131"
},
{
"category": "external",
"summary": "SUSE Bug 1228046 for CVE-2024-21131",
"url": "https://bugzilla.suse.com/1228046"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21131"
},
{
"cve": "CVE-2024-21138",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21138"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21138",
"url": "https://www.suse.com/security/cve/CVE-2024-21138"
},
{
"category": "external",
"summary": "SUSE Bug 1228047 for CVE-2024-21138",
"url": "https://bugzilla.suse.com/1228047"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "low"
}
],
"title": "CVE-2024-21138"
},
{
"cve": "CVE-2024-21140",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21140"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21140",
"url": "https://www.suse.com/security/cve/CVE-2024-21140"
},
{
"category": "external",
"summary": "SUSE Bug 1228048 for CVE-2024-21140",
"url": "https://bugzilla.suse.com/1228048"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21140"
},
{
"cve": "CVE-2024-21144",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21144"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21144",
"url": "https://www.suse.com/security/cve/CVE-2024-21144"
},
{
"category": "external",
"summary": "SUSE Bug 1228050 for CVE-2024-21144",
"url": "https://bugzilla.suse.com/1228050"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21144"
},
{
"cve": "CVE-2024-21145",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21145"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21145",
"url": "https://www.suse.com/security/cve/CVE-2024-21145"
},
{
"category": "external",
"summary": "SUSE Bug 1228051 for CVE-2024-21145",
"url": "https://bugzilla.suse.com/1228051"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21145"
},
{
"cve": "CVE-2024-21147",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21147"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21147",
"url": "https://www.suse.com/security/cve/CVE-2024-21147"
},
{
"category": "external",
"summary": "SUSE Bug 1228052 for CVE-2024-21147",
"url": "https://bugzilla.suse.com/1228052"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "important"
}
],
"title": "CVE-2024-21147"
},
{
"cve": "CVE-2024-21208",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21208"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21208",
"url": "https://www.suse.com/security/cve/CVE-2024-21208"
},
{
"category": "external",
"summary": "SUSE Bug 1231702 for CVE-2024-21208",
"url": "https://bugzilla.suse.com/1231702"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21208"
},
{
"cve": "CVE-2024-21210",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21210"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21210",
"url": "https://www.suse.com/security/cve/CVE-2024-21210"
},
{
"category": "external",
"summary": "SUSE Bug 1231711 for CVE-2024-21210",
"url": "https://bugzilla.suse.com/1231711"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21210"
},
{
"cve": "CVE-2024-21217",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21217"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21217",
"url": "https://www.suse.com/security/cve/CVE-2024-21217"
},
{
"category": "external",
"summary": "SUSE Bug 1231716 for CVE-2024-21217",
"url": "https://bugzilla.suse.com/1231716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.7,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21217"
},
{
"cve": "CVE-2024-21235",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-21235"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-21235",
"url": "https://www.suse.com/security/cve/CVE-2024-21235"
},
{
"category": "external",
"summary": "SUSE Bug 1231719 for CVE-2024-21235",
"url": "https://bugzilla.suse.com/1231719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-21235"
},
{
"cve": "CVE-2024-3933",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2024-3933"
}
],
"notes": [
{
"category": "general",
"text": "In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage [1], could allow access to a buffer with an incorrect length value when executing an arraycopy sequence while the Concurrent Scavenge Garbage Collection cycle is active and the source and destination memory regions for arraycopy overlap. This allows read and write to addresses beyond the end of the array range.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2024-3933",
"url": "https://www.suse.com/security/cve/CVE-2024-3933"
},
{
"category": "external",
"summary": "SUSE Bug 1225470 for CVE-2024-3933",
"url": "https://bugzilla.suse.com/1225470"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2024-3933"
},
{
"cve": "CVE-2025-21502",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-21502"
}
],
"notes": [
{
"category": "general",
"text": "unknown",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-21502",
"url": "https://www.suse.com/security/cve/CVE-2025-21502"
},
{
"category": "external",
"summary": "SUSE Bug 1236278 for CVE-2025-21502",
"url": "https://bugzilla.suse.com/1236278"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
},
"products": [
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"SUSE Package Hub 15 SP6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-demo-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-devel-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-headless-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-javadoc-11.0.26.0-bp156.4.3.1.noarch",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-jmods-11.0.26.0-bp156.4.3.1.x86_64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.aarch64",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.ppc64le",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.s390x",
"openSUSE Leap 15.6:java-11-openj9-src-11.0.26.0-bp156.4.3.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"date": "2025-02-18T16:58:15Z",
"details": "moderate"
}
],
"title": "CVE-2025-21502"
}
]
}
fkie_cve-2023-5676
Vulnerability from fkie_nvd
Published
2023-11-15 14:15
Modified
2024-11-21 08:42
Severity ?
4.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
5.9 (Medium) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
Summary
In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
References
| URL | Tags | ||
|---|---|---|---|
| emo@eclipse.org | https://github.com/eclipse-openj9/openj9/pull/18085 | Issue Tracking, Patch | |
| emo@eclipse.org | https://gitlab.eclipse.org/security/cve-assignement/-/issues/13 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/eclipse-openj9/openj9/pull/18085 | Issue Tracking, Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | https://gitlab.eclipse.org/security/cve-assignement/-/issues/13 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*",
"matchCriteriaId": "D0B1C1DC-3572-4BD0-9AE4-32F62B970F6A",
"versionEndExcluding": "0.41.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n"
},
{
"lang": "es",
"value": "En Eclipse OpenJ9 anterior a la versi\u00f3n 0.41.0, la JVM puede verse forzada a un bloqueo de ocupaci\u00f3n infinita en un bloqueo de giro o una falla de segmentaci\u00f3n si se recibe una se\u00f1al de apagado (SIGTERM, SIGINT o SIGHUP) antes de que la JVM haya terminado de inicializarse."
}
],
"id": "CVE-2023-5676",
"lastModified": "2024-11-21T08:42:15.140",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.5,
"impactScore": 3.6,
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-11-15T14:15:07.683",
"references": [
{
"source": "emo@eclipse.org",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"source": "emo@eclipse.org",
"tags": [
"Vendor Advisory"
],
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
],
"sourceIdentifier": "emo@eclipse.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-364"
}
],
"source": "emo@eclipse.org",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
ghsa-5ch2-qvr7-76ch
Vulnerability from github
Published
2023-11-15 15:30
Modified
2023-11-15 15:30
Severity ?
VLAI Severity ?
Details
In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
{
"affected": [],
"aliases": [
"CVE-2023-5676"
],
"database_specific": {
"cwe_ids": [
"CWE-362",
"CWE-364"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2023-11-15T14:15:07Z",
"severity": "MODERATE"
},
"details": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"id": "GHSA-5ch2-qvr7-76ch",
"modified": "2023-11-15T15:30:21Z",
"published": "2023-11-15T15:30:21Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2023-5676"
},
{
"type": "WEB",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"type": "WEB",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2023-5676
Vulnerability from gsd
Modified
2023-12-13 01:20
Details
In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2023-5676",
"id": "GSD-2023-5676"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2023-5676"
],
"details": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n",
"id": "GSD-2023-5676",
"modified": "2023-12-13T01:20:50.811462Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2023-5676",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "OpenJ9",
"version": {
"version_data": [
{
"version_affected": "\u003c",
"version_name": "0",
"version_value": "0.41.0"
}
]
}
}
]
},
"vendor_name": "Eclipse Foundation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"impact": {
"cvss": [
{
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"cweId": "CWE-364",
"lang": "eng",
"value": "CWE-364: Signal Handler Race Condition"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse-openj9/openj9/pull/18085",
"refsource": "MISC",
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"name": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13",
"refsource": "MISC",
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
]
},
"source": {
"discovery": "UNKNOWN"
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:eclipse:openj9:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "0.41.0",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "security@eclipse.org",
"ID": "CVE-2023-5676"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "In Eclipse OpenJ9 before version 0.41.0, the JVM can be forced into an infinite busy hang on a spinlock or a segmentation fault if a shutdown signal (SIGTERM, SIGINT or SIGHUP) is received before the JVM has finished initializing.\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-362"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/eclipse-openj9/openj9/pull/18085",
"refsource": "",
"tags": [
"Issue Tracking",
"Patch"
],
"url": "https://github.com/eclipse-openj9/openj9/pull/18085"
},
{
"name": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13",
"refsource": "",
"tags": [
"Vendor Advisory"
],
"url": "https://gitlab.eclipse.org/security/cve-assignement/-/issues/13"
}
]
}
},
"impact": {
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6
}
},
"lastModifiedDate": "2023-11-22T22:39Z",
"publishedDate": "2023-11-15T14:15Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…