Action not permitted
Modal body text goes here.
cve-2018-2657
Vulnerability from cvelistv5
Published
2018-01-18 02:00
Modified
2024-10-03 20:36
Severity ?
EPSS score ?
Summary
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| ▼ | Vendor | Product |
|---|---|---|
| Oracle Corporation | Java |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T04:21:34.733Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/102629"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2018-2657",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-03T19:12:40.369651Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-03T20:36:25.506Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Java",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "Java SE: 6u171"
},
{
"status": "affected",
"version": "7u161; JRockit: R28.3.16"
}
]
}
],
"datePublic": "2018-01-03T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit.",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-03-15T09:57:01",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/102629"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102629"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2018-2657",
"datePublished": "2018-01-18T02:00:00",
"dateReserved": "2017-12-15T00:00:00",
"dateUpdated": "2024-10-03T20:36:25.506Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2018-2657\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2018-01-18T02:29:21.743\",\"lastModified\":\"2022-05-13T14:57:22.230\",\"vulnStatus\":\"Analyzed\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en los componentes Java SE, y JRockit de Oracle Java SE (subcomponente: Serialization). Las versiones compatibles que se han visto afectadas son JavaSE: 6u171 y 7u161; JRockit: R28.3.16. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante sin autenticar que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de Java SE y JRockit. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a que el atacante consiga provocar una denegaci\u00f3n de servicio parcial (DoS parcial) de Java SE y JRockit. Nota: Esta vulnerabilidad s\u00f3lo puede ser explotada proporcionando datos a las API en los Componentes especificados sin emplear aplicaciones Java Web Start que no son de confianza o applets Java que no son de confianza, como a trav\u00e9s de un servicio web. CVSS 3.0 Base Score 5.3 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB929C7D-A5EE-4603-9414-E535408B41A1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AA4AF8B-2E5E-4A5E-8930-B53A01A22C78\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*\",\"matchCriteriaId\":\"A86C2A04-A51C-403A-AAB5-81872453022D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*\",\"matchCriteriaId\":\"32F5FDBE-ED30-48A9-B130-A48309C7D2CD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7283D6DD-DBFA-456F-9381-692B605B5625\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D4840254-CC76-4113-BC61-360BD15582B9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"85EA16E0-9261-45C4-840F-5366E9EAC5E1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F4F86C3C-B99C-44C6-97D7-163DC3F59687\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9BBCD86A-E6C7-4444-9D74-F861084090F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"51EF4996-72F4-4FA4-814F-F5991E7A8318\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E5ED5807-55B7-47C5-97A6-03233F4FBC3A\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"7.6.0\",\"matchCriteriaId\":\"6CB56955-1A47-4F6C-A354-8BBAE7534504\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"F5B13AEB-7C8C-49EB-BD13-CBA12CA529BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"DA653F23-232D-4086-B9A4-4D809C87D9F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*\",\"versionStartIncluding\":\"8.6.2-01\",\"matchCriteriaId\":\"E92000F8-241D-4731-809F-C1D32F99AF9A\"}]}]}],\"references\":[{\"url\":\"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.securityfocus.com/bid/102629\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securitytracker.com/id/1040203\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0100\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0115\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0458\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:0521\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1463\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2018:1812\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180117-0001/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]}]}}"
}
}
rhsa-2018_0115
Vulnerability from csaf_redhat
Published
2018-01-22 20:40
Modified
2024-11-05 20:21
Summary
Red Hat Security Advisory: java-1.6.0-sun security update
Notes
Topic
An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 6 to version 6 Update 181.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.6.0-sun is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 6 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 6 to version 6 Update 181.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0115",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_181",
"url": "http://www.oracle.com/technetwork/java/javase/documentation/overview-156328.html#R160_181"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0115.json"
}
],
"title": "Red Hat Security Advisory: java-1.6.0-sun security update",
"tracking": {
"current_release_date": "2024-11-05T20:21:24+00:00",
"generator": {
"date": "2024-11-05T20:21:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:0115",
"initial_release_date": "2018-01-22T20:40:50+00:00",
"revision_history": [
{
"date": "2018-01-22T20:40:50+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-01-22T20:40:50+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:21:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.2.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.1.el6?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.2.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.2.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-devel@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-src@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-demo@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-jdbc@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"product": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"product_id": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.6.0-sun-plugin@1.6.0.181-1jpp.1.el6?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
},
"product_reference": "java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2629",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534625"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2629"
},
{
"category": "external",
"summary": "RHBZ#1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-22T20:40:50+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Client-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Server-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.1.el6.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.i686",
"6Workstation-OracleJava-6.9.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.1.el6.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-demo-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-devel-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-jdbc-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-plugin-1:1.6.0.181-1jpp.2.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.6.0-sun-src-1:1.6.0.181-1jpp.2.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
}
]
}
rhsa-2018_1812
Vulnerability from csaf_redhat
Published
2018-06-07 16:05
Modified
2024-11-05 20:36
Summary
Red Hat Security Advisory: java-1.7.1-ibm security update
Notes
Topic
An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.6 and Red Hat Satellite 5.7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.
Security Fix(es):
* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)
* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)
* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)
* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)
* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)
* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)
* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)
* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)
* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)
* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)
* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)
* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)
* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)
* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)
* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)
* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.1-ibm is now available for Red Hat Satellite 5.6 and Red Hat Satellite 5.7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1812",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1812.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.1-ibm security update",
"tracking": {
"current_release_date": "2024-11-05T20:36:10+00:00",
"generator": {
"date": "2024-11-05T20:36:10+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:1812",
"initial_release_date": "2018-06-07T16:05:05+00:00",
"revision_history": [
{
"date": "2018-06-07T16:05:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-06-07T16:05:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:36:10+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.6::el6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.7::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.6 (RHEL v.6)",
"product_id": "6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite56"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite57"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Satellite 5.7 (RHEL v.6)",
"product_id": "6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite57"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2581",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535354"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2581"
},
{
"category": "external",
"summary": "RHBZ#1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2629",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534625"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2629"
},
{
"category": "external",
"summary": "RHBZ#1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2634",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534943"
}
],
"notes": [
{
"category": "description",
"text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2634"
},
{
"category": "external",
"summary": "RHBZ#1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-06-07T16:05:05+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect. For this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\").",
"product_ids": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite56:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Satellite57:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
}
]
}
rhsa-2018_1463
Vulnerability from csaf_redhat
Published
2018-05-15 15:30
Modified
2024-11-05 20:33
Summary
Red Hat Security Advisory: java-1.8.0-ibm security update
Notes
Topic
An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 8 to version 8 SR5-FP10.
Security Fix(es):
* IBM JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges (CVE-2018-1417)
* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2638)
* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2639)
* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)
* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer) (CVE-2018-2627)
* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)
* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)
* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)
* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)
* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)
* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)
* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)
* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)
* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)
* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)
* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)
* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)
* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)
* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)
* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)
* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.8.0-ibm is now available for Red Hat Satellite 5.8.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 8 to version 8 SR5-FP10.\n\nSecurity Fix(es):\n\n* IBM JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges (CVE-2018-1417)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2638)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment) (CVE-2018-2639)\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer) (CVE-2018-2627)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* Oracle JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX) (CVE-2018-2581)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* OpenJDK: GSS context use-after-free (JGSS, 8186212) (CVE-2018-2629)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:1463",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350"
},
{
"category": "external",
"summary": "1535351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351"
},
{
"category": "external",
"summary": "1535352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "external",
"summary": "1568966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1463.json"
}
],
"title": "Red Hat Security Advisory: java-1.8.0-ibm security update",
"tracking": {
"current_release_date": "2024-11-05T20:33:05+00:00",
"generator": {
"date": "2024-11-05T20:33:05+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:1463",
"initial_release_date": "2018-05-15T15:30:51+00:00",
"revision_history": [
{
"date": "2018-05-15T15:30:51+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-05-15T15:30:51+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:33:05+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Satellite 5.8 (RHEL v.6)",
"product": {
"name": "Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:network_satellite:5.8::el6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Satellite"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.10-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product_id": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm-devel@1.8.0.5.10-1jpp.1.el6_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"product": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"product_id": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.8.0-ibm@1.8.0.5.10-1jpp.1.el6_9?arch=src\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite58"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src as a component of Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"relates_to_product_reference": "6Server-Satellite58"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite58"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x as a component of Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"relates_to_product_reference": "6Server-Satellite58"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64 as a component of Red Hat Satellite 5.8 (RHEL v.6)",
"product_id": "6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-Satellite58"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1417",
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568966"
}
],
"notes": [
{
"category": "description",
"text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1417"
},
{
"category": "external",
"summary": "RHBZ#1568966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417"
},
{
"category": "external",
"summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823"
}
],
"release_date": "2018-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges"
},
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2581",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535354"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2581"
},
{
"category": "external",
"summary": "RHBZ#1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)"
},
{
"cve": "CVE-2018-2582",
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534768"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2582"
},
{
"category": "external",
"summary": "RHBZ#1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2627",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535352"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2627"
},
{
"category": "external",
"summary": "RHBZ#1535352",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2627",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2627"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2627",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2627"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)"
},
{
"cve": "CVE-2018-2629",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534625"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2629"
},
{
"category": "external",
"summary": "RHBZ#1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2634",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534943"
}
],
"notes": [
{
"category": "description",
"text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2634"
},
{
"category": "external",
"summary": "RHBZ#1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2638",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535350"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2638"
},
{
"category": "external",
"summary": "RHBZ#1535350",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2638",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2638"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2638",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2638"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)"
},
{
"cve": "CVE-2018-2639",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535351"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2639"
},
{
"category": "external",
"summary": "RHBZ#1535351",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2639",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2639"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2639",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2639"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Deployment)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-05-15T15:30:51+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nFor this update to take effect, Red Hat Satellite must be restarted (\"/usr/sbin/rhn-satellite restart\"). All running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.src",
"6Server-Satellite58:java-1.8.0-ibm-1:1.8.0.5.10-1jpp.1.el6_9.x86_64",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.s390x",
"6Server-Satellite58:java-1.8.0-ibm-devel-1:1.8.0.5.10-1jpp.1.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
}
]
}
rhsa-2018_0100
Vulnerability from csaf_redhat
Published
2018-01-18 21:55
Modified
2024-11-05 20:21
Summary
Red Hat Security Advisory: java-1.7.0-oracle security update
Notes
Topic
An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.
This update upgrades Oracle Java SE 7 to version 7 Update 171.
Security Fix(es):
* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2581, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.0-oracle is now available for Oracle Java for Red Hat Enterprise Linux 6 and Oracle Java for Red Hat Enterprise Linux 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Oracle Java SE version 7 includes the Oracle Java Runtime Environment and the Oracle Java Software Development Kit.\n\nThis update upgrades Oracle Java SE 7 to version 7 Update 171.\n\nSecurity Fix(es):\n\n* This update fixes multiple vulnerabilities in the Oracle Java Runtime Environment and the Oracle Java Software Development Kit. Further information about these flaws can be found on the Oracle Java SE Critical Patch Update Advisory page listed in the References section. (CVE-2018-2579, CVE-2018-2581, CVE-2018-2588, CVE-2018-2599, CVE-2018-2602, CVE-2018-2603, CVE-2018-2618, CVE-2018-2629, CVE-2018-2633, CVE-2018-2634, CVE-2018-2637, CVE-2018-2641, CVE-2018-2657, CVE-2018-2663, CVE-2018-2677, CVE-2018-2678)",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0100",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_171",
"url": "http://www.oracle.com/technetwork/java/javaseproducts/documentation/javase7supportreleasenotes-1601161.html#R170_171"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0100.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.0-oracle security update",
"tracking": {
"current_release_date": "2024-11-05T20:21:20+00:00",
"generator": {
"date": "2024-11-05T20:21:20+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:0100",
"initial_release_date": "2018-01-18T21:55:56+00:00",
"revision_history": [
{
"date": "2018-01-18T21:55:56+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-01-18T21:55:56+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:21:20+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:7"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
},
{
"category": "product_name",
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product": {
"name": "Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras_oracle_java:6"
}
}
}
],
"category": "product_family",
"name": "Oracle Java for Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el6_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-devel@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-plugin@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-src@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-jdbc@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"product": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_id": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.0-oracle-javafx@1.7.0.171-1jpp.1.el6_9?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Desktop 6",
"product_id": "6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Client-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux HPC Node 6",
"product_id": "6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server 6",
"product_id": "6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Server-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation 6",
"product_id": "6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-OracleJava-6.9.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Client (v. 7)",
"product_id": "7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Compute Node (v. 7)",
"product_id": "7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Server (v. 7)",
"product_id": "7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64 as a component of Oracle Java for Red Hat Enterprise Linux Workstation (v. 7)",
"product_id": "7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-OracleJava-7.4.Z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2581",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535354"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2581"
},
{
"category": "external",
"summary": "RHBZ#1535354",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2581",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2581"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2581"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 7u171, 8u161, and 9.0.4 (JavaFX)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2629",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534625"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JGSS component of OpenJDK failed to properly handle GSS context in the native GSS library wrapper in certain cases. A remote attacker could possibly make a Java application using JGSS to use a previously freed context.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GSS context use-after-free (JGSS, 8186212)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2629"
},
{
"category": "external",
"summary": "RHBZ#1534625",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2629",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2629"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2629"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: GSS context use-after-free (JGSS, 8186212)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2634",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534943"
}
],
"notes": [
{
"category": "description",
"text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2634"
},
{
"category": "external",
"summary": "RHBZ#1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
},
{
"cve": "CVE-2018-2783",
"discovery_date": "2018-04-17T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1569204"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2783"
},
{
"category": "external",
"summary": "RHBZ#1569204",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569204"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2783",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2783"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2783",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2783"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html#AppendixJAVA"
}
],
"release_date": "2018-04-17T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-01-18T21:55:56+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of Oracle Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Client-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6ComputeNode-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Server-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.i686",
"6Workstation-OracleJava-6.9.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el6_9.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Client-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7ComputeNode-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Server-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.i686",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-devel-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-javafx-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-jdbc-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-plugin-1:1.7.0.171-1jpp.1.el7.x86_64",
"7Workstation-OracleJava-7.4.Z:java-1.7.0-oracle-src-1:1.7.0.171-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)"
}
]
}
rhsa-2018_0458
Vulnerability from csaf_redhat
Published
2018-03-07 10:33
Modified
2024-11-05 20:24
Summary
Red Hat Security Advisory: java-1.7.1-ibm security update
Notes
Topic
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.
Security Fix(es):
* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)
* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)
* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)
* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)
* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)
* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)
* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)
* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)
* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)
* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)
* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)
* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)
* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)
* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)
* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 7 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0458",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0458.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.1-ibm security update",
"tracking": {
"current_release_date": "2024-11-05T20:24:53+00:00",
"generator": {
"date": "2024-11-05T20:24:53+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:0458",
"initial_release_date": "2018-03-07T10:33:13+00:00",
"revision_history": [
{
"date": "2018-03-07T10:33:13+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-07T10:33:13+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:24:53+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:7"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=s390\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=s390\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.1.el7?arch=ppc64le\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Client Supplementary (v. 7)",
"product_id": "7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Client-7.4.Z-Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux ComputeNode Supplementary (v. 7)",
"product_id": "7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7ComputeNode-7.4.Z-ComputeNode"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 7)",
"product_id": "7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Server-7.4.Z-Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 7)",
"product_id": "7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"relates_to_product_reference": "7Workstation-7.4.Z-Workstation"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1417",
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568966"
}
],
"notes": [
{
"category": "description",
"text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1417"
},
{
"category": "external",
"summary": "RHBZ#1568966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417"
},
{
"category": "external",
"summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823"
}
],
"release_date": "2018-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges"
},
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2582",
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534768"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2582"
},
{
"category": "external",
"summary": "RHBZ#1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2634",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534943"
}
],
"notes": [
{
"category": "description",
"text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2634"
},
{
"category": "external",
"summary": "RHBZ#1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-07T10:33:13+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Client-7.4.Z-Client:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Client-7.4.Z-Client:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7ComputeNode-7.4.Z-ComputeNode:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Server-7.4.Z-Server:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Server-7.4.Z-Server:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.i686",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.ppc",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.1.el7.x86_64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.ppc64le",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.s390x",
"7Workstation-7.4.Z-Workstation:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.1.el7.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
}
]
}
rhsa-2018_0521
Vulnerability from csaf_redhat
Published
2018-03-14 15:23
Modified
2024-11-05 20:25
Summary
Red Hat Security Advisory: java-1.7.1-ibm security update
Notes
Topic
An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.
This update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.
Security Fix(es):
* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)
* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)
* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)
* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)
* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)
* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)
* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)
* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)
* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)
* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)
* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)
* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)
* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)
* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)
* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for java-1.7.1-ibm is now available for Red Hat Enterprise Linux 6 Supplementary.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit.\n\nThis update upgrades IBM Java SE 7 to version 7R1 SR4-FP20.\n\nSecurity Fix(es):\n\n* OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962) (CVE-2018-2582)\n\n* OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606) (CVE-2018-2633)\n\n* OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600) (CVE-2018-2634)\n\n* OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998) (CVE-2018-2637)\n\n* OpenJDK: GTK library loading use-after-free (AWT, 8185325) (CVE-2018-2641)\n\n* OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449) (CVE-2018-2588)\n\n* OpenJDK: DnsClient missing source port randomization (JNDI, 8182125) (CVE-2018-2599)\n\n* OpenJDK: loading of classes from untrusted locations (I18n, 8182601) (CVE-2018-2602)\n\n* OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387) (CVE-2018-2603)\n\n* OpenJDK: insufficient strength of key agreement (JCE, 8185292) (CVE-2018-2618)\n\n* Oracle JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization) (CVE-2018-2657)\n\n* OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284) (CVE-2018-2663)\n\n* OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289) (CVE-2018-2677)\n\n* OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142) (CVE-2018-2678)\n\n* OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525) (CVE-2018-2579)\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2018:0521",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_0521.json"
}
],
"title": "Red Hat Security Advisory: java-1.7.1-ibm security update",
"tracking": {
"current_release_date": "2024-11-05T20:25:33+00:00",
"generator": {
"date": "2024-11-05T20:25:33+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.1.1"
}
},
"id": "RHSA-2018:0521",
"initial_release_date": "2018-03-14T15:23:31+00:00",
"revision_history": [
{
"date": "2018-03-14T15:23:31+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2018-03-14T15:23:31+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-05T20:25:33+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product": {
"name": "Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhel_extras:6"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux Supplementary"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=x86_64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-plugin@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=i686\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "i686"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=s390x\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_id": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-src@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_id": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-devel@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_id": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-demo@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_id": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1"
}
}
},
{
"category": "product_version",
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_id": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/java-1.7.1-ibm-jdbc@1.7.1.4.20-1jpp.3.el6_9?arch=ppc64\u0026epoch=1"
}
}
}
],
"category": "architecture",
"name": "ppc64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Desktop Supplementary (v. 6)",
"product_id": "6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Client-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux HPC Node Supplementary (v. 6)",
"product_id": "6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6ComputeNode-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Server Supplementary (v. 6)",
"product_id": "6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Server-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64 as a component of Red Hat Enterprise Linux Workstation Supplementary (v. 6)",
"product_id": "6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
},
"product_reference": "java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"relates_to_product_reference": "6Workstation-Supplementary-6.9.z"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2018-1417",
"discovery_date": "2018-02-22T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1568966"
}
],
"notes": [
{
"category": "description",
"text": "Under certain circumstances, a flaw in the J9 JVM (IBM SDK, Java Technology Edition 7.1 and 8.0) allows untrusted code running under a security manager to elevate its privileges. IBM X-Force ID: 138823.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-1417"
},
{
"category": "external",
"summary": "RHBZ#1568966",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1568966"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-1417",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-1417"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-1417"
},
{
"category": "external",
"summary": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/138823"
}
],
"release_date": "2018-02-20T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Critical"
}
],
"title": "JDK: J9 JVM allows untrusted code running under a security manager to elevate its privileges"
},
{
"cve": "CVE-2018-2579",
"cwe": {
"id": "CWE-567",
"name": "Unsynchronized Access to Shared Data in a Multithreaded Context"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534298"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that multiple encryption key classes in the Libraries component of OpenJDK did not properly synchronize access to their internal data. This could possibly cause a multi-threaded Java application to apply weak encryption to data because of the use of a key that was zeroed out.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2579"
},
{
"category": "external",
"summary": "RHBZ#1534298",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2579",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2579"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2579"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "OpenJDK: unsynchronized access to encryption key data (Libraries, 8172525)"
},
{
"cve": "CVE-2018-2582",
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534768"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2582"
},
{
"category": "external",
"summary": "RHBZ#1534768",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2582",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2582"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2582"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: insufficient validation of the invokeinterface instruction (Hotspot, 8174962)"
},
{
"cve": "CVE-2018-2588",
"cwe": {
"id": "CWE-90",
"name": "Improper Neutralization of Special Elements used in an LDAP Query (\u0027LDAP Injection\u0027)"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534299"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAP component of OpenJDK failed to properly encode special characters in user names when adding them to an LDAP search query. A remote attacker could possibly use this flaw to manipulate LDAP queries performed by the LdapLoginModule class.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2588"
},
{
"category": "external",
"summary": "RHBZ#1534299",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2588",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2588"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2588"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: LdapLoginModule insufficient username encoding in LDAP query (LDAP, 8178449)"
},
{
"cve": "CVE-2018-2599",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534543"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the DNS client implementation in the JNDI component of OpenJDK did not use random source ports when sending out DNS queries. This could make it easier for a remote attacker to spoof responses to those queries.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2599"
},
{
"category": "external",
"summary": "RHBZ#1534543",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2599",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2599"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2599"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DnsClient missing source port randomization (JNDI, 8182125)"
},
{
"cve": "CVE-2018-2602",
"cwe": {
"id": "CWE-426",
"name": "Untrusted Search Path"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534525"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the I18n component of OpenJDK could use an untrusted search path when loading resource bundle classes. A local attacker could possibly use this flaw to execute arbitrary code as another local user by making their Java application load an attacker controlled class file.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2602"
},
{
"category": "external",
"summary": "RHBZ#1534525",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2602",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2602"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2602"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: loading of classes from untrusted locations (I18n, 8182601)"
},
{
"cve": "CVE-2018-2603",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534553"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the Libraries component of OpenJDK failed to sufficiently limit the amount of memory allocated when reading DER encoded input. A remote attacker could possibly use this flaw to make a Java application use an excessive amount of memory if it parsed attacker supplied DER encoded input.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2603"
},
{
"category": "external",
"summary": "RHBZ#1534553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2603",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2603"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2603"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: DerValue unbounded memory allocation (Libraries, 8182387)"
},
{
"cve": "CVE-2018-2618",
"cwe": {
"id": "CWE-327",
"name": "Use of a Broken or Risky Cryptographic Algorithm"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534762"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the key agreement implementations in the JCE component of OpenJDK did not guarantee sufficient strength of used keys to adequately protect generated shared secret. This could make it easier to break data encryption by attacking key agreement rather than the encryption using the negotiated secret.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2618"
},
{
"category": "external",
"summary": "RHBZ#1534762",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2618",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2618"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2618"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: insufficient strength of key agreement (JCE, 8185292)"
},
{
"cve": "CVE-2018-2633",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535036"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the LDAPCertStore class in the JNDI component of OpenJDK failed to securely handle LDAP referrals. An attacker could possibly use this flaw to make it fetch attacker controlled certificate data.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2633"
},
{
"category": "external",
"summary": "RHBZ#1535036",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2633",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2633"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2633"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.3,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: LDAPCertStore insecure handling of LDAP referrals (JNDI, 8186606)"
},
{
"cve": "CVE-2018-2634",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534943"
}
],
"notes": [
{
"category": "description",
"text": "The JGSS component of OpenJDK ignores the value of the javax.security.auth.useSubjectCredsOnly property when using HTTP/SPNEGO authentication and always uses global credentials. It was discovered that this could cause global credentials to be unexpectedly used by an untrusted Java application.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2634"
},
{
"category": "external",
"summary": "RHBZ#1534943",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2634",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2634"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2634"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: use of global credentials for HTTP/SPNEGO (JGSS, 8186600)"
},
{
"cve": "CVE-2018-2637",
"cwe": {
"id": "CWE-502",
"name": "Deserialization of Untrusted Data"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534970"
}
],
"notes": [
{
"category": "description",
"text": "It was discovered that the JMX component of OpenJDK failed to properly set the deserialization filter for the SingleEntryRegistry in certain cases. A remote attacker could possibly use this flaw to bypass intended deserialization restrictions.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2637"
},
{
"category": "external",
"summary": "RHBZ#1534970",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2637",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2637"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2637"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: SingleEntryRegistry incorrect setup of deserialization filter (JMX, 8186998)"
},
{
"cve": "CVE-2018-2641",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534766"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2641"
},
{
"category": "external",
"summary": "RHBZ#1534766",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2641",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2641"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2641"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "OpenJDK: GTK library loading use-after-free (AWT, 8185325)"
},
{
"cve": "CVE-2018-2657",
"discovery_date": "2018-01-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1535353"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2657"
},
{
"category": "external",
"summary": "RHBZ#1535353",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535353"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2657",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2657"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"category": "external",
"summary": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html#AppendixJAVA"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "JDK: unspecified vulnerability fixed in 6u181 and 7u171 (Serialization)"
},
{
"cve": "CVE-2018-2663",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534296"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2663"
},
{
"category": "external",
"summary": "RHBZ#1534296",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2663",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2663"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2663"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: ArrayBlockingQueue deserialization to an inconsistent state (Libraries, 8189284)"
},
{
"cve": "CVE-2018-2677",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534288"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2677"
},
{
"category": "external",
"summary": "RHBZ#1534288",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2677",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2677"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2677"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation during deserialization (AWT, 8190289)"
},
{
"cve": "CVE-2018-2678",
"cwe": {
"id": "CWE-770",
"name": "Allocation of Resources Without Limits or Throttling"
},
"discovery_date": "2017-12-21T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1534263"
}
],
"notes": [
{
"category": "description",
"text": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2018-2678"
},
{
"category": "external",
"summary": "RHBZ#1534263",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2018-2678",
"url": "https://www.cve.org/CVERecord?id=CVE-2018-2678"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2678"
}
],
"release_date": "2018-01-16T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2018-03-14T15:23:31+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAll running instances of IBM Java must be restarted for this update to take effect.",
"product_ids": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Client-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6ComputeNode-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Server-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-demo-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-devel-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-jdbc-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-plugin-1:1.7.1.4.20-1jpp.3.el6_9.x86_64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.i686",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.ppc64",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.s390x",
"6Workstation-Supplementary-6.9.z:java-1.7.1-ibm-src-1:1.7.1.4.20-1jpp.3.el6_9.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "OpenJDK: unbounded memory allocation in BasicAttributes deserialization (JNDI, 8191142)"
}
]
}
gsd-2018-2657
Vulnerability from gsd
Modified
2023-12-13 01:22
Details
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2018-2657",
"description": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"id": "GSD-2018-2657",
"references": [
"https://www.suse.com/security/cve/CVE-2018-2657.html",
"https://access.redhat.com/errata/RHSA-2018:1812",
"https://access.redhat.com/errata/RHSA-2018:1463",
"https://access.redhat.com/errata/RHSA-2018:0521",
"https://access.redhat.com/errata/RHSA-2018:0458",
"https://access.redhat.com/errata/RHSA-2018:0115",
"https://access.redhat.com/errata/RHSA-2018:0100"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2018-2657"
],
"details": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"id": "GSD-2018-2657",
"modified": "2023-12-13T01:22:31.793695Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2657",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Java",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "Java SE: 6u171"
},
{
"version_affected": "=",
"version_value": "7u161; JRockit: R28.3.16"
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit."
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "102629",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/102629"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:oracle:jrockit:r28.3.16:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.7.0:update161:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jdk:1.6.0:update171:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.6.0:update171:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:oracle:jre:1.7.0:update161:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.7:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.6:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:redhat:satellite:5.8:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:schneider-electric:struxureware_data_center_expert:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndExcluding": "7.6.0",
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:hp:xp7_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:xp_p9000_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:hp:xp_command_view:*:*:*:*:advanced:*:*:*",
"cpe_name": [],
"versionStartIncluding": "8.6.2-01",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2018-2657"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"name": "https://security.netapp.com/advisory/ntap-20180117-0001/",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://security.netapp.com/advisory/ntap-20180117-0001/"
},
{
"name": "1040203",
"refsource": "SECTRACK",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securitytracker.com/id/1040203"
},
{
"name": "102629",
"refsource": "BID",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/bid/102629"
},
{
"name": "RHSA-2018:0100",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"name": "RHSA-2018:0115",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"name": "RHSA-2018:0458",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"name": "RHSA-2018:0521",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"name": "RHSA-2018:1463",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"name": "RHSA-2018:1812",
"refsource": "REDHAT",
"tags": [
"Third Party Advisory"
],
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"name": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us",
"refsource": "CONFIRM",
"tags": [
"Third Party Advisory"
],
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
},
"lastModifiedDate": "2022-05-13T14:57Z",
"publishedDate": "2018-01-18T02:29Z"
}
}
}
ghsa-qq7j-frwj-qh26
Vulnerability from github
Published
2022-05-13 01:16
Modified
2022-05-13 01:16
Severity ?
Details
Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
{
"affected": [],
"aliases": [
"CVE-2018-2657"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2018-01-18T02:29:00Z",
"severity": "MODERATE"
},
"details": "Vulnerability in the Java SE, JRockit component of Oracle Java SE (subcomponent: Serialization). Supported versions that are affected are Java SE: 6u171 and 7u161; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, JRockit. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"id": "GHSA-qq7j-frwj-qh26",
"modified": "2022-05-13T01:16:55Z",
"published": "2022-05-13T01:16:55Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2018-2657"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0100"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0115"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0458"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:0521"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1463"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2018:1812"
},
{
"type": "WEB",
"url": "https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0"
},
{
"type": "WEB",
"url": "https://security.netapp.com/advisory/ntap-20180117-0001"
},
{
"type": "WEB",
"url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbst03911en_us"
},
{
"type": "WEB",
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/102629"
},
{
"type": "WEB",
"url": "http://www.securitytracker.com/id/1040203"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
Loading...
Loading...
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.