Oracle

Openjdk

98 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-20264

  • EPSS 0.09%
  • Published 06.10.2021 16:15:07
  • Last modified 21.11.2024 05:46:14

An insecure modification flaw in the /etc/passwd file was found in the openjdk-1.8 and openjdk-11 containers. This flaw allows an attacker with access to the container to modify the /etc/passwd and escalate their privileges. The highest threat from t...

5.1

CVE-2021-2388

  • EPSS 0.69%
  • Published 21.07.2021 15:15:40
  • Last modified 27.05.2025 16:45:29

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult ...

4.3

CVE-2021-2369

  • EPSS 0.32%
  • Published 21.07.2021 15:15:31
  • Last modified 27.05.2025 16:44:57

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Eas...

4.3

CVE-2021-2341

  • EPSS 0.32%
  • Published 21.07.2021 15:15:17
  • Last modified 27.05.2025 16:47:32

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. ...

5.5

CVE-2021-32553

  • EPSS 0.05%
  • Published 12.06.2021 04:15:12
  • Last modified 21.11.2024 06:07:15

It was discovered that read_file() in apport/hookutils.py would follow symbolic links or open FIFOs. When this function is used by the openjdk-17 package apport hooks, it could expose private data to other local users.

5.5

CVE-2021-3522

  • EPSS 0.11%
  • Published 02.06.2021 15:15:07
  • Last modified 21.11.2024 06:21:45

GStreamer before 1.18.4 may perform an out-of-bounds read when handling certain ID3v2 tags.

8.6

CVE-2021-3517

  • EPSS 0.09%
  • Published 19.05.2021 14:15:07
  • Last modified 21.11.2024 06:21:44

There is a flaw in the xml entity encoding functionality of libxml2 in versions before 2.9.11. An attacker who is able to supply a crafted file to be processed by an application linked with the affected functionality of libxml2 could trigger an out-o...

5.9

CVE-2021-3537

  • EPSS 0.11%
  • Published 14.05.2021 20:15:16
  • Last modified 21.11.2024 06:21:47

A vulnerability found in libxml2 in versions before 2.9.11 shows that it did not propagate errors while parsing XML mixed content, causing a NULL dereference. If an untrusted XML document was parsed in recovery mode and post-validated, the flaw could...

2.6

CVE-2021-2163

  • EPSS 0.11%
  • Published 22.04.2021 22:15:13
  • Last modified 21.11.2024 06:02:30

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM E...

4.3

CVE-2021-2161

  • EPSS 0.27%
  • Published 22.04.2021 22:15:13
  • Last modified 21.11.2024 06:02:30

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.0.10, 16; Java SE Embedded: 8u281; Oracle GraalVM E...