Action not permitted
Modal body text goes here.
Modal Title
Modal Body
cve-2022-21271
Vulnerability from cvelistv5
Published
2022-01-19 11:22
Modified
2024-09-24 20:29
Severity ?
EPSS score ?
0.54%
(0.64918)
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Solaris Operating System |
Version: 11 |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T02:31:59.239Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { name: "GLSA-202209-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "https://security.gentoo.org/glsa/202209-05", }, ], title: "CVE Program Container", }, { metrics: [ { other: { content: { id: "CVE-2022-21271", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-09-24T17:35:28.936640Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-09-24T20:29:11.662Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, ], cna: { affected: [ { product: "Solaris Operating System", vendor: "Oracle Corporation", versions: [ { status: "affected", version: "11", }, ], }, ], descriptions: [ { lang: "en", value: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, ], problemTypes: [ { descriptions: [ { description: "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-09-07T04:06:43", orgId: "43595867-4340-4103-b7a2-9a5208d29a85", shortName: "oracle", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { tags: [ "x_refsource_MISC", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { name: "GLSA-202209-05", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "https://security.gentoo.org/glsa/202209-05", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2022-21271", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Solaris Operating System", version: { version_data: [ { version_affected: "=", version_value: "11", }, ], }, }, ], }, vendor_name: "Oracle Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", }, ], }, impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220121-0007/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { name: "GLSA-202209-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-05", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "43595867-4340-4103-b7a2-9a5208d29a85", assignerShortName: "oracle", cveId: "CVE-2022-21271", datePublished: "2022-01-19T11:22:48", dateReserved: "2021-11-15T00:00:00", dateUpdated: "2024-09-24T20:29:11.662Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", "vulnerability-lookup:meta": { fkie_nvd: { configurations: "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"9F300E13-1B40-4B35-ACA5-4D402CD41055\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*\", \"matchCriteriaId\": \"B10E38A6-783C-45A2-98A1-12FA1EB3D3AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AD04BEE5-E9A8-4584-A68C-0195CE9C402C\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.7.0:update321:*:*:*:*:*:*\", \"matchCriteriaId\": \"F3E9DB6B-06BC-47F9-AEB9-E36378A97543\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:1.8.0:update311:*:*:*:*:*:*\", \"matchCriteriaId\": \"3C9591ED-CA9E-4844-9B7F-D477D7A51413\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A7F43D86-B696-41E4-A288-6A2D43A1774A\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.7.0:update321:*:*:*:*:*:*\", \"matchCriteriaId\": \"C5988521-7571-4AE7-BD02-2C8765FC464B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:1.8.0:update311:*:*:*:*:*:*\", \"matchCriteriaId\": \"29AB737A-FB85-4E91-B8D3-A4B9A780FC0E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:jre:11.0.13:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"90EC4B85-A88A-4EC3-9EA0-3A24874D5F87\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8E8C192B-8044-4BF9-9F1F-57371FC0E8FD\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7EF6650C-558D-45C8-AE7D-136EE70CB6D7\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\", \"matchCriteriaId\": \"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\", \"matchCriteriaId\": \"B55E8D50-99B4-47EC-86F9-699B67D473CE\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CCAA4004-9319-478C-9D55-0E8307F872F6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\", \"versionStartIncluding\": \"11.0.0\", \"versionEndIncluding\": \"11.70.1\", \"matchCriteriaId\": \"FF971916-C526-43A9-BD80-985BCC476569\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"0D9CC59D-6182-4B5E-96B5-226FCD343916\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*\", \"matchCriteriaId\": \"1AEFF829-A8F2-4041-8DDF-E705DB3ADED2\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A3C19813-E823-456A-B1CE-EC0684CE1953\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5735E553-9731-4AAC-BCFF-989377F817B3\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A372B177-F740-4655-865C-31777A6E140B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\", \"matchCriteriaId\": \"26A2B713-7D6D-420A-93A4-E0D983C983DF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\", \"matchCriteriaId\": \"64DE38C8-94F1-4860-B045-F33928F676A8\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]}]", descriptions: "[{\"lang\": \"en\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: Libraries). Las versiones compatibles que est\\u00e1n afectadas son Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 y 21.3.0. Una vulnerabilidad explotable f\\u00e1cilmente permite a un atacante no autenticado con acceso a la red por medio de m\\u00faltiples protocolos comprometer a Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques con \\u00e9xito de esta vulnerabilidad pueden resultar en una capacidad no autorizada de causar una negaci\\u00f3n parcial del servicio (DOS parcial) de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad es aplicada a las implantaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start con sandbox o applets Java con sandbox, que cargan y ejecutan c\\u00f3digo que no es confiable (por ejemplo, c\\u00f3digo que viene de Internet) y dependen de la sandbox de Java para la seguridad. Esta vulnerabilidad tambi\\u00e9n puede ser explotada al usar APIs en el Componente especificado, por ejemplo, mediante un servicio web que suministra datos a las APIs. CVSS 3.1, Puntuaci\\u00f3n base 5.3 (impactos en la Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\"}]", id: "CVE-2022-21271", lastModified: "2024-11-21T06:44:15.123", metrics: "{\"cvssMetricV31\": [{\"source\": \"secalert_us@oracle.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"baseScore\": 5.3, \"baseSeverity\": \"MEDIUM\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"LOW\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 1.4}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:N/I:N/A:P\", \"baseScore\": 5.0, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"NONE\", \"integrityImpact\": \"NONE\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"MEDIUM\", \"exploitabilityScore\": 10.0, \"impactScore\": 2.9, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}", published: "2022-01-19T12:15:11.417", references: "[{\"url\": \"https://security.gentoo.org/glsa/202209-05\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"secalert_us@oracle.com\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-05\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}]", sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Modified", weaknesses: "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"NVD-CWE-noinfo\"}]}]", }, nvd: "{\"cve\":{\"id\":\"CVE-2022-21271\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2022-01-19T12:15:11.417\",\"lastModified\":\"2024-11-21T06:44:15.123\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: Libraries). Las versiones compatibles que están afectadas son Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 y 21.3.0. Una vulnerabilidad explotable fácilmente permite a un atacante no autenticado con acceso a la red por medio de múltiples protocolos comprometer a Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques con éxito de esta vulnerabilidad pueden resultar en una capacidad no autorizada de causar una negación parcial del servicio (DOS parcial) de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad es aplicada a las implantaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start con sandbox o applets Java con sandbox, que cargan y ejecutan código que no es confiable (por ejemplo, código que viene de Internet) y dependen de la sandbox de Java para la seguridad. Esta vulnerabilidad también puede ser explotada al usar APIs en el Componente especificado, por ejemplo, mediante un servicio web que suministra datos a las APIs. CVSS 3.1, Puntuación base 5.3 (impactos en la Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":5.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":3.9,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"baseScore\":5.0,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"9F300E13-1B40-4B35-ACA5-4D402CD41055\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"B10E38A6-783C-45A2-98A1-12FA1EB3D3AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DFC79B17-E9D2-44D5-93ED-2F959E7A3D43\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AD04BEE5-E9A8-4584-A68C-0195CE9C402C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.7.0:update321:*:*:*:*:*:*\",\"matchCriteriaId\":\"F3E9DB6B-06BC-47F9-AEB9-E36378A97543\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:1.8.0:update311:*:*:*:*:*:*\",\"matchCriteriaId\":\"3C9591ED-CA9E-4844-9B7F-D477D7A51413\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A7F43D86-B696-41E4-A288-6A2D43A1774A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.7.0:update321:*:*:*:*:*:*\",\"matchCriteriaId\":\"C5988521-7571-4AE7-BD02-2C8765FC464B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:1.8.0:update311:*:*:*:*:*:*\",\"matchCriteriaId\":\"29AB737A-FB85-4E91-B8D3-A4B9A780FC0E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:jre:11.0.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"90EC4B85-A88A-4EC3-9EA0-3A24874D5F87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D3E503FB-6279-4D4A-91D8-E237ECF9D2B0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8E8C192B-8044-4BF9-9F1F-57371FC0E8FD\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EF6650C-558D-45C8-AE7D-136EE70CB6D7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*\",\"matchCriteriaId\":\"3A756737-1CC4-42C2-A4DF-E1C893B4E2D5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*\",\"matchCriteriaId\":\"B55E8D50-99B4-47EC-86F9-699B67D473CE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CCAA4004-9319-478C-9D55-0E8307F872F6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"11.0.0\",\"versionEndIncluding\":\"11.70.1\",\"matchCriteriaId\":\"FF971916-C526-43A9-BD80-985BCC476569\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0D9CC59D-6182-4B5E-96B5-226FCD343916\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*\",\"matchCriteriaId\":\"1AEFF829-A8F2-4041-8DDF-E705DB3ADED2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A3C19813-E823-456A-B1CE-EC0684CE1953\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1BE6C1F-2565-4E97-92AA-16563E5660A5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5735E553-9731-4AAC-BCFF-989377F817B3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A372B177-F740-4655-865C-31777A6E140B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*\",\"matchCriteriaId\":\"26A2B713-7D6D-420A-93A4-E0D983C983DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*\",\"matchCriteriaId\":\"64DE38C8-94F1-4860-B045-F33928F676A8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737\"}]}]}],\"references\":[{\"url\":\"https://security.gentoo.org/glsa/202209-05\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220121-0007/\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/202209-05\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20220121-0007/\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpuapr2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.oracle.com/security-alerts/cpujan2022.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]}]}}", vulnrichment: { containers: "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\", \"x_transferred\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"tags\": [\"x_refsource_CONFIRM\", \"x_transferred\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-05\", \"name\": \"GLSA-202209-05\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T02:31:59.239Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-21271\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-09-24T17:35:28.936640Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-09-24T17:36:18.247Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 5.3, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Solaris Operating System\", \"versions\": [{\"status\": \"affected\", \"version\": \"11\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"tags\": [\"x_refsource_MISC\"]}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"tags\": [\"x_refsource_CONFIRM\"]}, {\"url\": \"https://security.gentoo.org/glsa/202209-05\", \"name\": \"GLSA-202209-05\", \"tags\": [\"vendor-advisory\", \"x_refsource_GENTOO\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2022-09-07T04:06:43\"}, \"x_legacyV4Record\": {\"impact\": {\"cvss\": {\"version\": \"3.1\", \"baseScore\": \"5.3\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L\"}}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"11\", \"version_affected\": \"=\"}]}, \"product_name\": \"Solaris Operating System\"}]}, \"vendor_name\": \"Oracle Corporation\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpujan2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"name\": \"https://www.oracle.com/security-alerts/cpuapr2022.html\", \"refsource\": \"MISC\"}, {\"url\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"name\": \"https://security.netapp.com/advisory/ntap-20220121-0007/\", \"refsource\": \"CONFIRM\"}, {\"url\": \"https://security.gentoo.org/glsa/202209-05\", \"name\": \"GLSA-202209-05\", \"refsource\": \"GENTOO\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2022-21271\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secalert_us@oracle.com\"}}}}", cveMetadata: "{\"cveId\": \"CVE-2022-21271\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2024-09-24T20:29:11.662Z\", \"dateReserved\": \"2021-11-15T00:00:00\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2022-01-19T11:22:48\", \"assignerShortName\": \"oracle\"}", dataType: "CVE_RECORD", dataVersion: "5.1", }, }, }
fkie_cve-2022-21271
Vulnerability from fkie_nvd
Published
2022-01-19 12:15
Modified
2024-11-21 06:44
Severity ?
Summary
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | graalvm | 20.3.4 | |
| oracle | graalvm | 21.3.0 | |
| oracle | http_server | 12.2.1.3.0 | |
| oracle | http_server | 12.2.1.4.0 | |
| oracle | jdk | 1.7.0 | |
| oracle | jdk | 1.8.0 | |
| oracle | jdk | 11.0.13 | |
| oracle | jre | 1.7.0 | |
| oracle | jre | 1.8.0 | |
| oracle | jre | 11.0.13 | |
| oracle | zfs_storage_appliance_kit | 8.8 | |
| oracle | solaris | 11 | |
| netapp | 7-mode_transition_tool | - | |
| netapp | active_iq_unified_manager | - | |
| netapp | active_iq_unified_manager | - | |
| netapp | cloud_insights_acquisition_unit | - | |
| netapp | cloud_secure_agent | - | |
| netapp | e-series_santricity_os_controller | * | |
| netapp | e-series_santricity_storage_manager | - | |
| netapp | e-series_santricity_web_services | - | |
| netapp | hci_management_node | - | |
| netapp | oncommand_insight | - | |
| netapp | oncommand_workflow_automation | - | |
| netapp | santricity_unified_manager | - | |
| netapp | snapmanager | - | |
| netapp | snapmanager | - | |
| netapp | solidfire | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*", matchCriteriaId: "9F300E13-1B40-4B35-ACA5-4D402CD41055", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*", matchCriteriaId: "B10E38A6-783C-45A2-98A1-12FA1EB3D3AA", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "DFC79B17-E9D2-44D5-93ED-2F959E7A3D43", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "AD04BEE5-E9A8-4584-A68C-0195CE9C402C", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.7.0:update321:*:*:*:*:*:*", matchCriteriaId: "F3E9DB6B-06BC-47F9-AEB9-E36378A97543", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:1.8.0:update311:*:*:*:*:*:*", matchCriteriaId: "3C9591ED-CA9E-4844-9B7F-D477D7A51413", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*", matchCriteriaId: "A7F43D86-B696-41E4-A288-6A2D43A1774A", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.7.0:update321:*:*:*:*:*:*", matchCriteriaId: "C5988521-7571-4AE7-BD02-2C8765FC464B", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:1.8.0:update311:*:*:*:*:*:*", matchCriteriaId: "29AB737A-FB85-4E91-B8D3-A4B9A780FC0E", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:jre:11.0.13:*:*:*:*:*:*:*", matchCriteriaId: "90EC4B85-A88A-4EC3-9EA0-3A24874D5F87", vulnerable: true, }, { criteria: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", matchCriteriaId: "D3E503FB-6279-4D4A-91D8-E237ECF9D2B0", vulnerable: true, }, { criteria: "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", matchCriteriaId: "8E8C192B-8044-4BF9-9F1F-57371FC0E8FD", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*", matchCriteriaId: "7EF6650C-558D-45C8-AE7D-136EE70CB6D7", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", matchCriteriaId: "3A756737-1CC4-42C2-A4DF-E1C893B4E2D5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*", matchCriteriaId: "CCAA4004-9319-478C-9D55-0E8307F872F6", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", matchCriteriaId: "F0F202E8-97E6-4BBB-A0B6-4CA3F5803C08", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", matchCriteriaId: "FF971916-C526-43A9-BD80-985BCC476569", versionEndIncluding: "11.70.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "0D9CC59D-6182-4B5E-96B5-226FCD343916", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*", matchCriteriaId: "1AEFF829-A8F2-4041-8DDF-E705DB3ADED2", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*", matchCriteriaId: "A372B177-F740-4655-865C-31777A6E140B", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", matchCriteriaId: "26A2B713-7D6D-420A-93A4-E0D983C983DF", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", matchCriteriaId: "64DE38C8-94F1-4860-B045-F33928F676A8", vulnerable: true, }, { criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", }, { lang: "es", value: "Una vulnerabilidad en el producto Oracle Java SE, Oracle GraalVM Enterprise Edition de Oracle Java SE (componente: Libraries). Las versiones compatibles que están afectadas son Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 y 21.3.0. Una vulnerabilidad explotable fácilmente permite a un atacante no autenticado con acceso a la red por medio de múltiples protocolos comprometer a Oracle Java SE, Oracle GraalVM Enterprise Edition. Los ataques con éxito de esta vulnerabilidad pueden resultar en una capacidad no autorizada de causar una negación parcial del servicio (DOS parcial) de Oracle Java SE, Oracle GraalVM Enterprise Edition. Nota: Esta vulnerabilidad es aplicada a las implantaciones de Java, normalmente en clientes que ejecutan aplicaciones Java Web Start con sandbox o applets Java con sandbox, que cargan y ejecutan código que no es confiable (por ejemplo, código que viene de Internet) y dependen de la sandbox de Java para la seguridad. Esta vulnerabilidad también puede ser explotada al usar APIs en el Componente especificado, por ejemplo, mediante un servicio web que suministra datos a las APIs. CVSS 3.1, Puntuación base 5.3 (impactos en la Disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L)", }, ], id: "CVE-2022-21271", lastModified: "2024-11-21T06:44:15.123", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "secalert_us@oracle.com", type: "Secondary", }, ], }, published: "2022-01-19T12:15:11.417", references: [ { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-05", }, { source: "secalert_us@oracle.com", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "secalert_us@oracle.com", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-05", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], sourceIdentifier: "secalert_us@oracle.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
suse-su-2022:1025-1
Vulnerability from csaf_suse
Published
2022-03-29 13:37
Modified
2022-03-29 13:37
Summary
Security update for java-1_7_1-ibm
Notes
Title of the patch
Security update for java-1_7_1-ibm
Description of the patch
This update for java-1_7_1-ibm fixes the following issues:
Update Java 7.1 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Patchnames
HPE-Helion-OpenStack-8-2022-1025,SUSE-2022-1025,SUSE-OpenStack-Cloud-8-2022-1025,SUSE-OpenStack-Cloud-9-2022-1025,SUSE-OpenStack-Cloud-Crowbar-8-2022-1025,SUSE-OpenStack-Cloud-Crowbar-9-2022-1025,SUSE-SLE-SAP-12-SP3-2022-1025,SUSE-SLE-SAP-12-SP4-2022-1025,SUSE-SLE-SDK-12-SP5-2022-1025,SUSE-SLE-SERVER-12-SP2-BCL-2022-1025,SUSE-SLE-SERVER-12-SP3-2022-1025,SUSE-SLE-SERVER-12-SP3-BCL-2022-1025,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1025,SUSE-SLE-SERVER-12-SP5-2022-1025
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_7_1-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_7_1-ibm fixes the following issues:\n\nUpdate Java 7.1 to Service Refresh 7 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2022-1025,SUSE-2022-1025,SUSE-OpenStack-Cloud-8-2022-1025,SUSE-OpenStack-Cloud-9-2022-1025,SUSE-OpenStack-Cloud-Crowbar-8-2022-1025,SUSE-OpenStack-Cloud-Crowbar-9-2022-1025,SUSE-SLE-SAP-12-SP3-2022-1025,SUSE-SLE-SAP-12-SP4-2022-1025,SUSE-SLE-SDK-12-SP5-2022-1025,SUSE-SLE-SERVER-12-SP2-BCL-2022-1025,SUSE-SLE-SERVER-12-SP3-2022-1025,SUSE-SLE-SERVER-12-SP3-BCL-2022-1025,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1025,SUSE-SLE-SERVER-12-SP5-2022-1025", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1025-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1025-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221025-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1025-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010560.html", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_7_1-ibm", tracking: { current_release_date: "2022-03-29T13:37:45Z", generator: { date: "2022-03-29T13:37:45Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1025-1", initial_release_date: "2022-03-29T13:37:45Z", revision_history: [ { date: "2022-03-29T13:37:45Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.i586", product: { name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.i586", product_id: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, }, { category: "product_version", name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.ppc64le", product: { name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.ppc64le", product_id: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.ppc64le", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, }, { category: "product_version", name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.ppc64le", product: { name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.ppc64le", product_id: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390", }, }, { category: "product_version", name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390", product: { name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390", product_id: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390", }, }, { category: "product_version", name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390", product: { name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390", product_id: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390x", product: { name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390x", product_id: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-32bit-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-demo-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-devel-32bit-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-jdbc-32bit-1.7.1_sr5.5-38.68.1.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.x86_64", product: { name: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.x86_64", product_id: "java-1_7_1-ibm-src-1.7.1_sr5.5-38.68.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "HPE Helion OpenStack 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-alsa-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-devel-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-38.68.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_7_1-ibm-plugin-1.7.1_sr5.5-38.68.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:37:45Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
suse-su-2022:1026-1
Vulnerability from csaf_suse
Published
2022-03-29 13:39
Modified
2022-03-29 13:39
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
Update Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Non-securtiy fix:
- Fixed a broken symlink for javaws (bsc#1195146).
Patchnames
HPE-Helion-OpenStack-8-2022-1026,SUSE-2022-1026,SUSE-OpenStack-Cloud-8-2022-1026,SUSE-OpenStack-Cloud-9-2022-1026,SUSE-OpenStack-Cloud-Crowbar-8-2022-1026,SUSE-OpenStack-Cloud-Crowbar-9-2022-1026,SUSE-SLE-SAP-12-SP3-2022-1026,SUSE-SLE-SAP-12-SP4-2022-1026,SUSE-SLE-SDK-12-SP5-2022-1026,SUSE-SLE-SERVER-12-SP2-BCL-2022-1026,SUSE-SLE-SERVER-12-SP3-2022-1026,SUSE-SLE-SERVER-12-SP3-BCL-2022-1026,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1026,SUSE-SLE-SERVER-12-SP5-2022-1026
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_8_0-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_8_0-ibm fixes the following issues:\n\nUpdate Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n\nNon-securtiy fix:\n\n- Fixed a broken symlink for javaws (bsc#1195146).\n", title: "Description of the patch", }, { category: "details", text: "HPE-Helion-OpenStack-8-2022-1026,SUSE-2022-1026,SUSE-OpenStack-Cloud-8-2022-1026,SUSE-OpenStack-Cloud-9-2022-1026,SUSE-OpenStack-Cloud-Crowbar-8-2022-1026,SUSE-OpenStack-Cloud-Crowbar-9-2022-1026,SUSE-SLE-SAP-12-SP3-2022-1026,SUSE-SLE-SAP-12-SP4-2022-1026,SUSE-SLE-SDK-12-SP5-2022-1026,SUSE-SLE-SERVER-12-SP2-BCL-2022-1026,SUSE-SLE-SERVER-12-SP3-2022-1026,SUSE-SLE-SERVER-12-SP3-BCL-2022-1026,SUSE-SLE-SERVER-12-SP4-LTSS-2022-1026,SUSE-SLE-SERVER-12-SP5-2022-1026", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1026-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1026-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221026-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1026-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010556.html", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1195146", url: "https://bugzilla.suse.com/1195146", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_8_0-ibm", tracking: { current_release_date: "2022-03-29T13:39:25Z", generator: { date: "2022-03-29T13:39:25Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1026-1", initial_release_date: "2022-03-29T13:39:25Z", revision_history: [ { date: "2022-03-29T13:39:25Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.i586", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.i586", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.ppc64le", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.ppc64le", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.ppc64le", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.ppc64le", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390", }, }, ], category: "architecture", name: "s390", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390x", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390x", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-30.87.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.x86_64", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.x86_64", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-30.87.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "HPE Helion OpenStack 8", product: { name: "HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8", product_identification_helper: { cpe: "cpe:/o:suse:hpe-helion-openstack:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 8", product: { name: "SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud 9", product: { name: "SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud:9", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 8", product: { name: "SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:8", }, }, }, { category: "product_name", name: "SUSE OpenStack Cloud Crowbar 9", product: { name: "SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9", product_identification_helper: { cpe: "cpe:/o:suse:suse-openstack-cloud-crowbar:9", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product: { name: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sle-sdk:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP2-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP3-BCL", product: { name: "SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles-bcl:12:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:12:sp4", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 12 SP5", product: { name: "SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles:12:sp5", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product: { name: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:12:sp5", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of HPE Helion OpenStack 8", product_id: "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "HPE Helion OpenStack 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 8", product_id: "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud 9", product_id: "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 8", product_id: "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 8", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE OpenStack Cloud Crowbar 9", product_id: "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE OpenStack Cloud Crowbar 9", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP3", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP4", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP4", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Software Development Kit 12 SP5", product_id: "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Software Development Kit 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP2-BCL", product_id: "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP2-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP3-BCL", product_id: "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP3-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5", product_id: "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5", product_id: "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 12 SP5", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "HPE Helion OpenStack 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "HPE Helion OpenStack 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP2-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP3-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP4-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP4:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.ppc64le", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.s390x", "SUSE Linux Enterprise Software Development Kit 12 SP5:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 8:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-alsa-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-devel-1.8.0_sr7.5-30.87.1.x86_64", "SUSE OpenStack Cloud Crowbar 9:java-1_8_0-ibm-plugin-1.8.0_sr7.5-30.87.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:39:25Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
suse-su-2022:1027-1
Vulnerability from csaf_suse
Published
2022-03-29 13:42
Modified
2022-03-29 13:42
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
Update Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Non-securtiy fix:
- Fixed a broken symlink for javaws (bsc#1195146).
Patchnames
SUSE-2022-1027,SUSE-SLE-Module-Legacy-15-SP3-2022-1027,SUSE-SLE-Module-Legacy-15-SP4-2022-1027,SUSE-SLE-Product-SLES-15-2022-1027,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1027,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1027,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1027,SUSE-SLE-Product-SLES_SAP-15-2022-1027,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1027,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1027,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1027,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1027,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1027,SUSE-Storage-6-2022-1027,SUSE-Storage-7-2022-1027
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_8_0-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_8_0-ibm fixes the following issues:\n\nUpdate Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n\nNon-securtiy fix:\n\n- Fixed a broken symlink for javaws (bsc#1195146).\n", title: "Description of the patch", }, { category: "details", text: "SUSE-2022-1027,SUSE-SLE-Module-Legacy-15-SP3-2022-1027,SUSE-SLE-Module-Legacy-15-SP4-2022-1027,SUSE-SLE-Product-SLES-15-2022-1027,SUSE-SLE-Product-SLES-15-SP1-BCL-2022-1027,SUSE-SLE-Product-SLES-15-SP1-LTSS-2022-1027,SUSE-SLE-Product-SLES-15-SP2-LTSS-2022-1027,SUSE-SLE-Product-SLES_SAP-15-2022-1027,SUSE-SLE-Product-SLES_SAP-15-SP1-2022-1027,SUSE-SLE-Product-SLES_SAP-15-SP2-2022-1027,SUSE-SLE-Product-SUSE-Manager-Proxy-4.1-2022-1027,SUSE-SLE-Product-SUSE-Manager-Retail-Branch-Server-4.1-2022-1027,SUSE-SLE-Product-SUSE-Manager-Server-4.1-2022-1027,SUSE-Storage-6-2022-1027,SUSE-Storage-7-2022-1027", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_1027-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:1027-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-20221027-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:1027-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010559.html", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1195146", url: "https://bugzilla.suse.com/1195146", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_8_0-ibm", tracking: { current_release_date: "2022-03-29T13:42:48Z", generator: { date: "2022-03-29T13:42:48Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:1027-1", initial_release_date: "2022-03-29T13:42:48Z", revision_history: [ { date: "2022-03-29T13:42:48Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.i586", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.i586", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.i586", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Module for Legacy 15 SP3", product: { name: "SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-module-legacy:15:sp3", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15-LTSS", product: { name: "SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP1-BCL", product: { name: "SUSE Linux Enterprise Server 15 SP1-BCL", product_id: "SUSE Linux Enterprise Server 15 SP1-BCL", product_identification_helper: { cpe: "cpe:/o:suse:sles_bcl:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP1-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product: { name: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:sles-ltss:15:sp2", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp1", }, }, }, { category: "product_name", name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product: { name: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_identification_helper: { cpe: "cpe:/o:suse:sles_sap:15:sp2", }, }, }, { category: "product_name", name: "SUSE Manager Proxy 4.1", product: { name: "SUSE Manager Proxy 4.1", product_id: "SUSE Manager Proxy 4.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-proxy:4.1", }, }, }, { category: "product_name", name: "SUSE Manager Retail Branch Server 4.1", product: { name: "SUSE Manager Retail Branch Server 4.1", product_id: "SUSE Manager Retail Branch Server 4.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-retail-branch-server:4.1", }, }, }, { category: "product_name", name: "SUSE Manager Server 4.1", product: { name: "SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1", product_identification_helper: { cpe: "cpe:/o:suse:suse-manager-server:4.1", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 6", product: { name: "SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6", product_identification_helper: { cpe: "cpe:/o:suse:ses:6", }, }, }, { category: "product_name", name: "SUSE Enterprise Storage 7", product: { name: "SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7", product_identification_helper: { cpe: "cpe:/o:suse:ses:7", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Module for Legacy 15 SP3", product_id: "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Module for Legacy 15 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15-LTSS", product_id: "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", product_id: "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", product_id: "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", product_id: "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-BCL", product_id: "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-BCL", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP1-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP1-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server 15 SP2-LTSS", product_id: "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 15 SP2-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15", product_id: "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP1", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 15 SP2", product_id: "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server for SAP Applications 15 SP2", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Proxy 4.1", product_id: "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Proxy 4.1", product_id: "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Proxy 4.1", product_id: "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Proxy 4.1", product_id: "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Proxy 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1", product_id: "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1", product_id: "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1", product_id: "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Retail Branch Server 4.1", product_id: "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Retail Branch Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Manager Server 4.1", product_id: "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Manager Server 4.1", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 6", product_id: "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 6", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of SUSE Enterprise Storage 7", product_id: "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "SUSE Enterprise Storage 7", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Enterprise Storage 6:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 6:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Enterprise Storage 7:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Module for Legacy 15 SP3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-BCL:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP1-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15 SP2-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server 15-LTSS:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15 SP2:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Linux Enterprise Server for SAP Applications 15:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Proxy 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Retail Branch Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "SUSE Manager Server 4.1:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "SUSE Manager Server 4.1:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:48Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
suse-su-2022:14926-1
Vulnerability from csaf_suse
Published
2022-03-23 08:10
Modified
2022-03-23 08:10
Summary
Security update for java-1_7_0-ibm
Notes
Title of the patch
Security update for java-1_7_0-ibm
Description of the patch
This update for java-1_7_0-ibm fixes the following issues:
Update Java 7.0 to Service Refresh 11 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Patchnames
sleposp3-java-1_7_0-ibm-14926
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_7_0-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_7_0-ibm fixes the following issues:\n\nUpdate Java 7.0 to Service Refresh 11 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n", title: "Description of the patch", }, { category: "details", text: "sleposp3-java-1_7_0-ibm-14926", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14926-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:14926-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-202214926-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:14926-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010503.html", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_7_0-ibm", tracking: { current_release_date: "2022-03-23T08:10:48Z", generator: { date: "2022-03-23T08:10:48Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:14926-1", initial_release_date: "2022-03-23T08:10:48Z", revision_history: [ { date: "2022-03-23T08:10:48Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", product: { name: "java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", product_id: "java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", }, }, { category: "product_version", name: "java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", product: { name: "java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", product_id: "java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", }, }, { category: "product_version", name: "java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", product: { name: "java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", product_id: "java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", }, }, { category: "product_version", name: "java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", product: { name: "java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", product_id: "java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", }, }, { category: "product_version", name: "java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", product: { name: "java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", product_id: "java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Point of Sale 11 SP3", product: { name: "SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3", product_identification_helper: { cpe: "cpe:/o:suse:sle-pos:11:sp3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", }, product_reference: "java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", }, product_reference: "java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", }, product_reference: "java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", }, product_reference: "java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, { category: "default_component_of", full_product_name: { name: "java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586 as component of SUSE Linux Enterprise Point of Sale 11 SP3", product_id: "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", }, product_reference: "java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", relates_to_product_reference: "SUSE Linux Enterprise Point of Sale 11 SP3", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-alsa-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-devel-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-jdbc-1.7.0_sr11.5-65.66.1.i586", "SUSE Linux Enterprise Point of Sale 11 SP3:java-1_7_0-ibm-plugin-1.7.0_sr11.5-65.66.1.i586", ], }, ], threats: [ { category: "impact", date: "2022-03-23T08:10:48Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
suse-su-2022:14927-1
Vulnerability from csaf_suse
Published
2022-03-23 09:42
Modified
2022-03-23 09:42
Summary
Security update for java-1_7_1-ibm
Notes
Title of the patch
Security update for java-1_7_1-ibm
Description of the patch
This update for java-1_7_1-ibm fixes the following issues:
Update Java 7.1 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Patchnames
slessp4-java-1_7_1-ibm-14927
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_7_1-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_7_1-ibm fixes the following issues:\n\nUpdate Java 7.1 to Service Refresh 7 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n", title: "Description of the patch", }, { category: "details", text: "slessp4-java-1_7_1-ibm-14927", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2022_14927-1.json", }, { category: "self", summary: "URL for SUSE-SU-2022:14927-1", url: "https://www.suse.com/support/update/announcement/2022/suse-su-202214927-1/", }, { category: "self", summary: "E-Mail link for SUSE-SU-2022:14927-1", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010505.html", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_7_1-ibm", tracking: { current_release_date: "2022-03-23T09:42:03Z", generator: { date: "2022-03-23T09:42:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "SUSE-SU-2022:14927-1", initial_release_date: "2022-03-23T09:42:03Z", revision_history: [ { date: "2022-03-23T09:42:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", product: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", product_id: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", }, }, { category: "product_version", name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", product: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", product_id: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", }, }, ], category: "architecture", name: "i586", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", }, }, ], category: "architecture", name: "ppc64", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", product: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", product_id: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", product: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", product_id: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", product: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", product_id: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", product: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", product_id: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", }, }, { category: "product_version", name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", product: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", product_id: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product: { name: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS", product_identification_helper: { cpe: "cpe:/o:suse:suse_sles:11:sp4", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", }, product_reference: "java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", }, product_reference: "java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", }, product_reference: "java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", }, product_reference: "java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, { category: "default_component_of", full_product_name: { name: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64 as component of SUSE Linux Enterprise Server 11 SP4-LTSS", product_id: "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", }, product_reference: "java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", relates_to_product_reference: "SUSE Linux Enterprise Server 11 SP4-LTSS", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-alsa-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-devel-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.ppc64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.s390x", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-jdbc-1.7.1_sr5.5-26.71.2.x86_64", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.i586", "SUSE Linux Enterprise Server 11 SP4-LTSS:java-1_7_1-ibm-plugin-1.7.1_sr5.5-26.71.2.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-23T09:42:03Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
WID-SEC-W-2022-0432
Vulnerability from csaf_certbund
Published
2022-06-21 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0432.json", }, { category: "self", summary: "WID-SEC-2022-0432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0432", }, { category: "external", summary: "XEROX Security Advisory XRX23-005 vom 2023-04-04", url: "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Mini Bulletin XRX21A vom 2022-06-21", url: "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-014-FreeFlow-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Xerox FreeFlow Print Server: Mehrere Schwachstellen", tracking: { current_release_date: "2023-04-03T22:00:00.000+00:00", generator: { date: "2024-08-15T17:29:02.928+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0432", initial_release_date: "2022-06-21T22:00:00.000+00:00", revision_history: [ { date: "2022-06-21T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-03T22:00:00.000+00:00", number: "2", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server 9", product: { name: "Xerox FreeFlow Print Server 9", product_id: "T002977", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9", }, }, }, { category: "product_name", name: "Xerox FreeFlow Print Server v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2016-2124", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2016-2124", }, { cve: "CVE-2019-14822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2019-14822", }, { cve: "CVE-2019-19906", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2019-19906", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-17049", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-17049", }, { cve: "CVE-2020-25717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25717", }, { cve: "CVE-2020-25718", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25718", }, { cve: "CVE-2020-25719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25719", }, { cve: "CVE-2020-25721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25721", }, { cve: "CVE-2020-25722", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25722", }, { cve: "CVE-2020-9484", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-9484", }, { cve: "CVE-2021-21707", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-21707", }, { cve: "CVE-2021-22926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-22926", }, { cve: "CVE-2021-23192", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-23192", }, { cve: "CVE-2021-27815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-27815", }, { cve: "CVE-2021-30846", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30846", }, { cve: "CVE-2021-30848", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30848", }, { cve: "CVE-2021-30849", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30849", }, { cve: "CVE-2021-30851", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30851", }, { cve: "CVE-2021-30858", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30858", }, { cve: "CVE-2021-33430", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-33430", }, { cve: "CVE-2021-34141", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-34141", }, { cve: "CVE-2021-35604", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-35604", }, { cve: "CVE-2021-35624", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-35624", }, { cve: "CVE-2021-3572", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3572", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3733", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3733", }, { cve: "CVE-2021-3737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3737", }, { cve: "CVE-2021-3738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3738", }, { cve: "CVE-2021-3770", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3770", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-38115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-38115", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-39212", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39212", }, { cve: "CVE-2021-39272", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39272", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-39920", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39920", }, { cve: "CVE-2021-39921", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39921", }, { cve: "CVE-2021-39922", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39922", }, { cve: "CVE-2021-39923", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39923", }, { cve: "CVE-2021-39924", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39924", }, { cve: "CVE-2021-39925", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39925", }, { cve: "CVE-2021-39926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39926", }, { cve: "CVE-2021-39928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39928", }, { cve: "CVE-2021-39929", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39929", }, { cve: "CVE-2021-4008", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4008", }, { cve: "CVE-2021-4009", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4009", }, { cve: "CVE-2021-4010", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4010", }, { cve: "CVE-2021-4011", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4011", }, { cve: "CVE-2021-40145", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-40145", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4034", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4034", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-40812", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-40812", }, { cve: "CVE-2021-41133", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41133", }, { cve: "CVE-2021-4140", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4140", }, { cve: "CVE-2021-41495", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41495", }, { cve: "CVE-2021-41496", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41496", }, { cve: "CVE-2021-4181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4181", }, { cve: "CVE-2021-41817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41817", }, { cve: "CVE-2021-41819", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41819", }, { cve: "CVE-2021-4182", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4182", }, { cve: "CVE-2021-4183", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4183", }, { cve: "CVE-2021-4184", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4184", }, { cve: "CVE-2021-4185", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4185", }, { cve: "CVE-2021-42717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-42717", }, { cve: "CVE-2021-42762", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-42762", }, { cve: "CVE-2021-43331", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43331", }, { cve: "CVE-2021-43332", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43332", }, { cve: "CVE-2021-43395", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43395", }, { cve: "CVE-2021-43527", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43527", }, { cve: "CVE-2021-43528", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43528", }, { cve: "CVE-2021-43536", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43536", }, { cve: "CVE-2021-43537", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43537", }, { cve: "CVE-2021-43538", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43538", }, { cve: "CVE-2021-43539", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43539", }, { cve: "CVE-2021-43541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43541", }, { cve: "CVE-2021-43542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43542", }, { cve: "CVE-2021-43543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43543", }, { cve: "CVE-2021-43545", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43545", }, { cve: "CVE-2021-43546", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43546", }, { cve: "CVE-2021-43566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43566", }, { cve: "CVE-2021-43818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43818", }, { cve: "CVE-2021-44142", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44142", }, { cve: "CVE-2021-44224", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44224", }, { cve: "CVE-2021-44227", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44227", }, { cve: "CVE-2021-44420", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44420", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44540", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44540", }, { cve: "CVE-2021-44541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44541", }, { cve: "CVE-2021-44542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44542", }, { cve: "CVE-2021-44543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44543", }, { cve: "CVE-2021-44790", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44790", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-45115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45115", }, { cve: "CVE-2021-45116", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45116", }, { cve: "CVE-2021-45452", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45452", }, { cve: "CVE-2021-45960", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45960", }, { cve: "CVE-2021-46143", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-46143", }, { cve: "CVE-2022-0336", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0336", }, { cve: "CVE-2022-0391", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0391", }, { cve: "CVE-2022-0566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0566", }, { cve: "CVE-2022-0581", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0581", }, { cve: "CVE-2022-0582", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0582", }, { cve: "CVE-2022-0583", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0583", }, { cve: "CVE-2022-0585", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0585", }, { cve: "CVE-2022-0586", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0586", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21263", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21263", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21298", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21298", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21375", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21375", }, { cve: "CVE-2022-21384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21384", }, { cve: "CVE-2022-21416", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21416", }, { cve: "CVE-2022-21446", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21446", }, { cve: "CVE-2022-21461", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21461", }, { cve: "CVE-2022-21463", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21463", }, { cve: "CVE-2022-21493", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21493", }, { cve: "CVE-2022-21494", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21494", }, { cve: "CVE-2022-21712", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21712", }, { cve: "CVE-2022-21716", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21716", }, { cve: "CVE-2022-21824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21824", }, { cve: "CVE-2022-22719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22719", }, { cve: "CVE-2022-22720", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22720", }, { cve: "CVE-2022-22721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22721", }, { cve: "CVE-2022-22737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22737", }, { cve: "CVE-2022-22738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22738", }, { cve: "CVE-2022-22739", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22739", }, { cve: "CVE-2022-22740", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22740", }, { cve: "CVE-2022-22741", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22741", }, { cve: "CVE-2022-22742", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22742", }, { cve: "CVE-2022-22743", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22743", }, { cve: "CVE-2022-22744", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22744", }, { cve: "CVE-2022-22745", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22745", }, { cve: "CVE-2022-22746", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22746", }, { cve: "CVE-2022-22747", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22747", }, { cve: "CVE-2022-22748", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22748", }, { cve: "CVE-2022-22751", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22751", }, { cve: "CVE-2022-22753", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22753", }, { cve: "CVE-2022-22754", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22754", }, { cve: "CVE-2022-22756", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22756", }, { cve: "CVE-2022-22759", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22759", }, { cve: "CVE-2022-22760", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22760", }, { cve: "CVE-2022-22761", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22761", }, { cve: "CVE-2022-22763", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22763", }, { cve: "CVE-2022-22764", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22764", }, { cve: "CVE-2022-22815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22815", }, { cve: "CVE-2022-22816", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22816", }, { cve: "CVE-2022-22817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22817", }, { cve: "CVE-2022-22818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22818", }, { cve: "CVE-2022-22822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22822", }, { cve: "CVE-2022-22823", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22823", }, { cve: "CVE-2022-22824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22824", }, { cve: "CVE-2022-22825", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22825", }, { cve: "CVE-2022-22826", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22826", }, { cve: "CVE-2022-22827", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22827", }, { cve: "CVE-2022-23181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23181", }, { cve: "CVE-2022-23833", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23833", }, { cve: "CVE-2022-23852", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23852", }, { cve: "CVE-2022-23943", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23943", }, { cve: "CVE-2022-23990", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23990", }, { cve: "CVE-2022-24407", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-24407", }, { cve: "CVE-2022-25235", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25235", }, { cve: "CVE-2022-25236", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25236", }, { cve: "CVE-2022-25313", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25313", }, { cve: "CVE-2022-25314", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25314", }, { cve: "CVE-2022-25315", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25315", }, { cve: "CVE-2022-26381", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26381", }, { cve: "CVE-2022-26383", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26383", }, { cve: "CVE-2022-26384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26384", }, { cve: "CVE-2022-26386", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26386", }, { cve: "CVE-2022-26387", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26387", }, { cve: "CVE-2022-26485", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26485", }, { cve: "CVE-2022-26486", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26486", }, ], }
wid-sec-w-2022-0302
Vulnerability from csaf_certbund
Published
2022-06-14 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Administratorrechten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0302 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0302.json", }, { category: "self", summary: "WID-SEC-2022-0302 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0302", }, { category: "external", summary: "XEROX Security Advisory XRX23-005 vom 2023-04-04", url: "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-015", url: "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-015-FreeFlow-Print-Server-v7.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-013 vom 2022-06-14", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-013-FreeFlow-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-012 vom 2022-06-14", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-012-FreeFlow-Printer.pdf", }, ], source_lang: "en-US", title: "Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Administratorrechten", tracking: { current_release_date: "2023-04-03T22:00:00.000+00:00", generator: { date: "2024-08-15T17:27:55.136+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0302", initial_release_date: "2022-06-14T22:00:00.000+00:00", revision_history: [ { date: "2022-06-14T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-06-21T22:00:00.000+00:00", number: "2", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2023-04-03T22:00:00.000+00:00", number: "3", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server 7", product: { name: "Xerox FreeFlow Print Server 7", product_id: "T000872", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:7", }, }, }, { category: "product_name", name: "Xerox FreeFlow Print Server 9", product: { name: "Xerox FreeFlow Print Server 9", product_id: "T002977", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2016-2124", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2016-2124", }, { cve: "CVE-2019-14822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2019-14822", }, { cve: "CVE-2019-19906", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2019-19906", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-17049", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-17049", }, { cve: "CVE-2020-25717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25717", }, { cve: "CVE-2020-25718", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25718", }, { cve: "CVE-2020-25719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25719", }, { cve: "CVE-2020-25721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25721", }, { cve: "CVE-2020-25722", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25722", }, { cve: "CVE-2020-9484", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-9484", }, { cve: "CVE-2021-21707", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-21707", }, { cve: "CVE-2021-22926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-22926", }, { cve: "CVE-2021-23192", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-23192", }, { cve: "CVE-2021-27815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-27815", }, { cve: "CVE-2021-30846", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30846", }, { cve: "CVE-2021-30848", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30848", }, { cve: "CVE-2021-30849", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30849", }, { cve: "CVE-2021-30851", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30851", }, { cve: "CVE-2021-30858", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30858", }, { cve: "CVE-2021-33430", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-33430", }, { cve: "CVE-2021-34141", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-34141", }, { cve: "CVE-2021-35604", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-35604", }, { cve: "CVE-2021-35624", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-35624", }, { cve: "CVE-2021-3572", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3572", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3733", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3733", }, { cve: "CVE-2021-3737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3737", }, { cve: "CVE-2021-3738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3738", }, { cve: "CVE-2021-3770", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3770", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-38115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-38115", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-39212", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39212", }, { cve: "CVE-2021-39272", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39272", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-39920", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39920", }, { cve: "CVE-2021-39921", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39921", }, { cve: "CVE-2021-39922", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39922", }, { cve: "CVE-2021-39923", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39923", }, { cve: "CVE-2021-39924", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39924", }, { cve: "CVE-2021-39925", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39925", }, { cve: "CVE-2021-39926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39926", }, { cve: "CVE-2021-39928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39928", }, { cve: "CVE-2021-39929", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39929", }, { cve: "CVE-2021-4008", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4008", }, { cve: "CVE-2021-4009", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4009", }, { cve: "CVE-2021-4010", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4010", }, { cve: "CVE-2021-4011", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4011", }, { cve: "CVE-2021-40145", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-40145", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4034", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4034", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-40812", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-40812", }, { cve: "CVE-2021-41133", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41133", }, { cve: "CVE-2021-4140", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4140", }, { cve: "CVE-2021-41495", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41495", }, { cve: "CVE-2021-41496", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41496", }, { cve: "CVE-2021-4160", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4160", }, { cve: "CVE-2021-4181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4181", }, { cve: "CVE-2021-41817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41817", }, { cve: "CVE-2021-41819", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41819", }, { cve: "CVE-2021-4182", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4182", }, { cve: "CVE-2021-4183", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4183", }, { cve: "CVE-2021-4184", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4184", }, { cve: "CVE-2021-4185", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4185", }, { cve: "CVE-2021-42717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-42717", }, { cve: "CVE-2021-42762", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-42762", }, { cve: "CVE-2021-43331", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43331", }, { cve: "CVE-2021-43332", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43332", }, { cve: "CVE-2021-43395", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43395", }, { cve: "CVE-2021-43527", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43527", }, { cve: "CVE-2021-43528", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43528", }, { cve: "CVE-2021-43536", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43536", }, { cve: "CVE-2021-43537", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43537", }, { cve: "CVE-2021-43538", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43538", }, { cve: "CVE-2021-43539", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43539", }, { cve: "CVE-2021-43541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43541", }, { cve: "CVE-2021-43542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43542", }, { cve: "CVE-2021-43543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43543", }, { cve: "CVE-2021-43545", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43545", }, { cve: "CVE-2021-43546", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43546", }, { cve: "CVE-2021-43566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43566", }, { cve: "CVE-2021-43818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43818", }, { cve: "CVE-2021-44142", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44142", }, { cve: "CVE-2021-44224", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44224", }, { cve: "CVE-2021-44227", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44227", }, { cve: "CVE-2021-44420", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44420", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44540", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44540", }, { cve: "CVE-2021-44541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44541", }, { cve: "CVE-2021-44542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44542", }, { cve: "CVE-2021-44543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44543", }, { cve: "CVE-2021-44790", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44790", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-45115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45115", }, { cve: "CVE-2021-45116", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45116", }, { cve: "CVE-2021-45452", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45452", }, { cve: "CVE-2021-45960", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45960", }, { cve: "CVE-2021-46143", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-46143", }, { cve: "CVE-2022-0336", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0336", }, { cve: "CVE-2022-0391", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0391", }, { cve: "CVE-2022-0566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0566", }, { cve: "CVE-2022-0581", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0581", }, { cve: "CVE-2022-0582", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0582", }, { cve: "CVE-2022-0583", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0583", }, { cve: "CVE-2022-0585", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0585", }, { cve: "CVE-2022-0586", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0586", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21263", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21263", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21298", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21298", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21375", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21375", }, { cve: "CVE-2022-21384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21384", }, { cve: "CVE-2022-21416", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21416", }, { cve: "CVE-2022-21446", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21446", }, { cve: "CVE-2022-21461", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21461", }, { cve: "CVE-2022-21463", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21463", }, { cve: "CVE-2022-21493", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21493", }, { cve: "CVE-2022-21494", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21494", }, { cve: "CVE-2022-21712", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21712", }, { cve: "CVE-2022-21716", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21716", }, { cve: "CVE-2022-21824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21824", }, { cve: "CVE-2022-22719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22719", }, { cve: "CVE-2022-22720", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22720", }, { cve: "CVE-2022-22721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22721", }, { cve: "CVE-2022-22737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22737", }, { cve: "CVE-2022-22738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22738", }, { cve: "CVE-2022-22739", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22739", }, { cve: "CVE-2022-22740", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22740", }, { cve: "CVE-2022-22741", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22741", }, { cve: "CVE-2022-22742", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22742", }, { cve: "CVE-2022-22743", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22743", }, { cve: "CVE-2022-22744", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22744", }, { cve: "CVE-2022-22745", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22745", }, { cve: "CVE-2022-22746", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22746", }, { cve: "CVE-2022-22747", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22747", }, { cve: "CVE-2022-22748", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22748", }, { cve: "CVE-2022-22751", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22751", }, { cve: "CVE-2022-22753", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22753", }, { cve: "CVE-2022-22754", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22754", }, { cve: "CVE-2022-22756", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22756", }, { cve: "CVE-2022-22759", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22759", }, { cve: "CVE-2022-22760", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22760", }, { cve: "CVE-2022-22761", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22761", }, { cve: "CVE-2022-22763", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22763", }, { cve: "CVE-2022-22764", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22764", }, { cve: "CVE-2022-22815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22815", }, { cve: "CVE-2022-22816", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22816", }, { cve: "CVE-2022-22817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22817", }, { cve: "CVE-2022-22818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22818", }, { cve: "CVE-2022-22822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22822", }, { cve: "CVE-2022-22823", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22823", }, { cve: "CVE-2022-22824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22824", }, { cve: "CVE-2022-22825", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22825", }, { cve: "CVE-2022-22826", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22826", }, { cve: "CVE-2022-22827", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22827", }, { cve: "CVE-2022-23181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23181", }, { cve: "CVE-2022-23833", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23833", }, { cve: "CVE-2022-23852", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23852", }, { cve: "CVE-2022-23943", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23943", }, { cve: "CVE-2022-23990", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23990", }, { cve: "CVE-2022-24407", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-24407", }, { cve: "CVE-2022-25235", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25235", }, { cve: "CVE-2022-25236", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25236", }, { cve: "CVE-2022-25313", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25313", }, { cve: "CVE-2022-25314", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25314", }, { cve: "CVE-2022-25315", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25315", }, { cve: "CVE-2022-26381", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26381", }, { cve: "CVE-2022-26383", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26383", }, { cve: "CVE-2022-26384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26384", }, { cve: "CVE-2022-26386", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26386", }, { cve: "CVE-2022-26387", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26387", }, { cve: "CVE-2022-26485", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26485", }, { cve: "CVE-2022-26486", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26486", }, ], }
WID-SEC-W-2022-0100
Vulnerability from csaf_certbund
Published
2022-01-18 23:00
Modified
2024-11-21 23:00
Summary
Oracle Java SE und OpenJDK: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
OpenJDK ist eine Java Umgebung, die unter der GPLv2 veröffentlicht wird.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und OpenJDK ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Appliance
- Linux
- MacOS X
- NetApp Appliance
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).\r\nOpenJDK ist eine Java Umgebung, die unter der GPLv2 veröffentlicht wird.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und OpenJDK ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.", title: "Angriff", }, { category: "general", text: "- Appliance\n- Linux\n- MacOS X\n- NetApp Appliance\n- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0100 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0100.json", }, { category: "self", summary: "WID-SEC-2022-0100 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0100", }, { category: "external", summary: "Oracle Critical Patch Update Advisory - January 2022 - Appendix Oracle Java SE vom 2022-01-18", url: "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixJAVA", }, { category: "external", summary: "OpenJDK Vulnerability Advisory: 2022/01/18", url: "https://openjdk.java.net/groups/vulnerability/advisories/2022-01-18", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0161 vom 2022-01-19", url: "http://linux.oracle.com/errata/ELSA-2022-0161.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0161 vom 2022-01-19", url: "https://access.redhat.com/errata/RHSA-2022:0161", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0209 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0209", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0211 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0211", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0204 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0204", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0233 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0233", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0185 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0185", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0166 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0166", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0165 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0165", }, { category: "external", summary: "Debian Security Advisory DSA-5057 vom 2022-01-24", url: "https://lists.debian.org/debian-security-announce/2022/msg00023.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0228 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0228", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0229 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0229", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0185 vom 2022-01-24", url: "https://linux.oracle.com/errata/ELSA-2022-0185.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0204 vom 2022-01-24", url: "https://linux.oracle.com/errata/ELSA-2022-0204.html", }, { category: "external", summary: "Debian Security Advisory DSA-5058 vom 2022-01-25", url: "https://lists.debian.org/debian-security-announce/2022/msg00026.html", }, { category: "external", summary: "CentOS Security Advisory CESA-2022:0204 vom 2022-01-25", url: "https://lists.centos.org/pipermail/centos-announce/2022-January/073550.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0304 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0304", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0305 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0305", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0306 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0306", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0307 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0307", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0312 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0312", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0317 vom 2022-01-28", url: "https://access.redhat.com/errata/RHSA-2022:0317", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0321 vom 2022-01-28", url: "https://access.redhat.com/errata/RHSA-2022:0321", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0306 vom 2022-01-27", url: "https://linux.oracle.com/errata/ELSA-2022-0306.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0307 vom 2022-01-27", url: "https://linux.oracle.com/errata/ELSA-2022-0307.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4918 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4918", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4919 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4919", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4922 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4922", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-008 vom 2021-01-31", url: "https://downloads.avaya.com/css/P8/documents/101080371", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0409 vom 2022-02-02", url: "https://access.redhat.com/errata/RHSA-2022:0409", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0415 vom 2022-02-03", url: "https://access.redhat.com/errata/RHSA-2022:0415", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0283 vom 2022-02-03", url: "https://access.redhat.com/errata/RHSA-2022:0283", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-005 vom 2022-02-01", url: "https://downloads.avaya.com/css/P8/documents/101080372", }, { category: "external", summary: "Hitachi Vulnerability Information HITACHI-SEC-2022-104 vom 2022-02-04", url: "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-104/index.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0444 vom 2022-02-08", url: "https://access.redhat.com/errata/RHSA-2022:0444", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0445 vom 2022-02-08", url: "https://access.redhat.com/errata/RHSA-2022:0445", }, { category: "external", summary: "Debian Security Advisory DLA-2917 vom 2022-02-10", url: "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-018 vom 2022-06-19", url: "https://download.avaya.com/css/public/documents/101082272", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1752 vom 2022-02-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1752.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1753 vom 2022-02-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1753.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0730-1 vom 2022-03-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010371.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5313-1 vom 2022-03-07", url: "https://ubuntu.com/security/notices/USN-5313-1", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-037 vom 2022-03-09", url: "https://alas.aws.amazon.com/AL2022/ALAS-2022-037.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0816-1 vom 2022-03-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010427.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0871-1 vom 2022-03-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010456.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0873-1 vom 2022-03-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010457.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0970 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0970", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0968 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0968", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0969 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0969", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:14927-1 vom 2022-03-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010505.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:14926-1 vom 2022-03-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010503.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1051 vom 2022-03-24", url: "https://access.redhat.com/errata/RHSA-2022:1051", }, { category: "external", summary: "Ubuntu Security Notice USN-5313-2 vom 2022-03-29", url: "https://ubuntu.com/security/notices/USN-5313-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1027-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010559.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1026-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010556.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1025-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010560.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4957 vom 2022-06-09", url: "https://access.redhat.com/errata/RHSA-2022:4957", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-047 vom 2022-04-22", url: "https://alas.aws.amazon.com/AL2022/ALAS-2022-047.html", }, { category: "external", summary: "Brocade Security Advisory BSA-2022-1732 vom 2022-06-24", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1732", }, { category: "external", summary: "Brocade Security Advisory BSA-2022-1980 vom 2022-06-24", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1980", }, { category: "external", summary: "NetApp Security Advisory NTAP-20220121-0007 vom 2022-07-01", url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1821 vom 2022-07-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1821.html", }, { category: "external", summary: "HCL Article KB0099493 vom 2022-07-21", url: "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099493", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2540-1 vom 2022-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011646.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2539-1 vom 2022-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011645.html", }, { category: "external", summary: "Broadcom Security Advisory", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2019", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2650-1 vom 2022-08-03", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011760.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1631 vom 2022-08-23", url: "https://alas.aws.amazon.com/ALAS-2022-1631.html", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202209-05 vom 2022-09-07", url: "https://security.gentoo.org/glsa/202209-05", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1633 vom 2022-09-12", url: "https://alas.aws.amazon.com/ALAS-2022-1633.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1835 vom 2022-09-15", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1835.html", }, { category: "external", summary: "IBM Security Bulletin 6824779 vom 2022-09-29", url: "https://www.ibm.com/blogs/psirt/security-bulletin-txseries-for-multiplatforms-is-vulnerable-to-a-denial-of-service-exposure-due-to-ibm-sdk-java-technology-edition-2/", }, { category: "external", summary: "Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2023-003 vom 2023-02-23", url: "https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK11-2023-003.html", }, { category: "external", summary: "XEROX Security Advisory XRX24-005 vom 2024-03-04", url: "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox-Security-Bulletin-XRX24-005-Xerox-FreeFlow%C2%AE-Print-Server-v9_Feb-2024.pdf", }, { category: "external", summary: "### vom 2024-10-15", url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24999", }, { category: "external", summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Oracle Java SE und OpenJDK: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-21T23:00:00.000+00:00", generator: { date: "2024-11-22T10:07:33.380+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2022-0100", initial_release_date: "2022-01-18T23:00:00.000+00:00", revision_history: [ { date: "2022-01-18T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-01-19T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2022-01-23T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-01-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat und Debian aufgenommen", }, { date: "2022-01-25T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian und CentOS aufgenommen", }, { date: "2022-01-27T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Fedora und Red Hat aufgenommen", }, { date: "2022-01-30T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2022-02-02T23:00:00.000+00:00", number: "8", summary: "Neue Updates von AVAYA, Red Hat und Fedora aufgenommen", }, { date: "2022-02-03T23:00:00.000+00:00", number: "9", summary: "Neue Updates von HITACHI aufgenommen", }, { date: "2022-02-07T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-02-09T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-02-15T23:00:00.000+00:00", number: "12", summary: "Referenz(en) aufgenommen: FEDORA-2022-D877B248A5", }, { date: "2022-02-17T23:00:00.000+00:00", number: "13", summary: "Referenz(en) aufgenommen: FEDORA-2022-477401B0F7", }, { date: "2022-02-21T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-03-02T23:00:00.000+00:00", number: "15", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2022-03-06T23:00:00.000+00:00", number: "16", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-07T23:00:00.000+00:00", number: "17", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-03-08T23:00:00.000+00:00", number: "18", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-03-14T23:00:00.000+00:00", number: "19", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-16T23:00:00.000+00:00", number: "20", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-20T23:00:00.000+00:00", number: "21", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-03-23T23:00:00.000+00:00", number: "22", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-24T23:00:00.000+00:00", number: "23", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-03-29T22:00:00.000+00:00", number: "24", summary: "Neue Updates von Ubuntu und SUSE aufgenommen", }, { date: "2022-04-24T22:00:00.000+00:00", number: "25", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-06-06T22:00:00.000+00:00", number: "26", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-06-08T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-06-19T22:00:00.000+00:00", number: "28", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2022-06-26T22:00:00.000+00:00", number: "29", summary: "Neue Updates von BROCADE aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "30", summary: "Neue Updates von NetApp aufgenommen", }, { date: "2022-07-20T22:00:00.000+00:00", number: "31", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-07-21T22:00:00.000+00:00", number: "32", summary: "Neue Updates von HCL aufgenommen", }, { date: "2022-07-24T22:00:00.000+00:00", number: "33", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-08-01T22:00:00.000+00:00", number: "34", summary: "Neue Updates von BROCADE aufgenommen", }, { date: "2022-08-03T22:00:00.000+00:00", number: "35", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-08-23T22:00:00.000+00:00", number: "36", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-06T22:00:00.000+00:00", number: "37", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2022-09-12T22:00:00.000+00:00", number: "38", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-14T22:00:00.000+00:00", number: "39", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-28T22:00:00.000+00:00", number: "40", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-02-23T23:00:00.000+00:00", number: "41", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-03-03T23:00:00.000+00:00", number: "42", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-10-14T22:00:00.000+00:00", number: "43", summary: "Neue Updates aufgenommen", }, { date: "2024-11-21T23:00:00.000+00:00", number: "44", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "44", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Device Services", product: { name: "Avaya Aura Device Services", product_id: "T015517", product_identification_helper: { cpe: "cpe:/a:avaya:aura_device_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Experience Portal", product: { name: "Avaya Aura Experience Portal", product_id: "T015519", product_identification_helper: { cpe: "cpe:/a:avaya:aura_experience_portal:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, { category: "product_name", name: "Avaya Breeze Platform", product: { name: "Avaya Breeze Platform", product_id: "T015823", product_identification_helper: { cpe: "cpe:/a:avaya:breeze_platform:-", }, }, }, { category: "product_name", name: "Avaya CMS", product: { name: "Avaya CMS", product_id: "997", product_identification_helper: { cpe: "cpe:/a:avaya:call_management_system_server:-", }, }, }, { category: "product_name", name: "Avaya Session Border Controller", product: { name: "Avaya Session Border Controller", product_id: "T015520", product_identification_helper: { cpe: "cpe:/h:avaya:session_border_controller:-", }, }, }, { category: "product_name", name: "Avaya Web License Manager", product: { name: "Avaya Web License Manager", product_id: "T016243", product_identification_helper: { cpe: "cpe:/a:avaya:web_license_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { branches: [ { category: "product_version_range", name: "<v2.2.0.2", product: { name: "Broadcom Brocade SANnav <v2.2.0.2", product_id: "T023628", }, }, { category: "product_version", name: "v2.2.0.2", product: { name: "Broadcom Brocade SANnav v2.2.0.2", product_id: "T023628-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:v2.2.0.2", }, }, }, { category: "product_version_range", name: "<2.3.0a", product: { name: "Broadcom Brocade SANnav <2.3.0a", product_id: "T034391", }, }, { category: "product_version", name: "2.3.0a", product: { name: "Broadcom Brocade SANnav 2.3.0a", product_id: "T034391-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:2.3.0a", }, }, }, { category: "product_version_range", name: "<2.3.1a", product: { name: "Broadcom Brocade SANnav <2.3.1a", product_id: "T038317", }, }, { category: "product_version", name: "2.3.1a", product: { name: "Broadcom Brocade SANnav 2.3.1a", product_id: "T038317-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:2.3.1a", }, }, }, ], category: "product_name", name: "Brocade SANnav", }, ], category: "vendor", name: "Broadcom", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "HCL BigFix", product: { name: "HCL BigFix", product_id: "T017494", product_identification_helper: { cpe: "cpe:/a:hcltech:bigfix:-", }, }, }, ], category: "vendor", name: "HCL", }, { branches: [ { category: "product_name", name: "Hitachi Command Suite", product: { name: "Hitachi Command Suite", product_id: "T010951", product_identification_helper: { cpe: "cpe:/a:hitachi:command_suite:-", }, }, }, { category: "product_name", name: "Hitachi Configuration Manager", product: { name: "Hitachi Configuration Manager", product_id: "T020304", product_identification_helper: { cpe: "cpe:/a:hitachi:configuration_manager:-", }, }, }, { category: "product_name", name: "Hitachi Ops Center", product: { name: "Hitachi Ops Center", product_id: "T017562", product_identification_helper: { cpe: "cpe:/a:hitachi:ops_center:-", }, }, }, ], category: "vendor", name: "Hitachi", }, { branches: [ { branches: [ { category: "product_version", name: "9.1", product: { name: "IBM TXSeries 9.1", product_id: "T015903", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_9.1", }, }, }, { category: "product_version", name: "8.2", product: { name: "IBM TXSeries 8.2", product_id: "T015904", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.2", }, }, }, { category: "product_version", name: "8.1", product: { name: "IBM TXSeries 8.1", product_id: "T015905", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.1", }, }, }, ], category: "product_name", name: "TXSeries", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager", product: { name: "NetApp ActiveIQ Unified Manager", product_id: "T016960", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:-", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Open Source CentOS", product: { name: "Open Source CentOS", product_id: "1727", product_identification_helper: { cpe: "cpe:/o:centos:centos:-", }, }, }, { branches: [ { category: "product_version_range", name: "<=11.0.13", product: { name: "Open Source OpenJDK <=11.0.13", product_id: "989628", }, }, { category: "product_version_range", name: "<=11.0.13", product: { name: "Open Source OpenJDK <=11.0.13", product_id: "989628-fixed", }, }, { category: "product_version_range", name: "<=17.0.1", product: { name: "Open Source OpenJDK <=17.0.1", product_id: "T021759", }, }, { category: "product_version_range", name: "<=17.0.1", product: { name: "Open Source OpenJDK <=17.0.1", product_id: "T021759-fixed", }, }, { category: "product_version_range", name: "<=15.0.5", product: { name: "Open Source OpenJDK <=15.0.5", product_id: "T021760", }, }, { category: "product_version_range", name: "<=15.0.5", product: { name: "Open Source OpenJDK <=15.0.5", product_id: "T021760-fixed", }, }, { category: "product_version_range", name: "<=13.0.9", product: { name: "Open Source OpenJDK <=13.0.9", product_id: "T021761", }, }, { category: "product_version_range", name: "<=13.0.9", product: { name: "Open Source OpenJDK <=13.0.9", product_id: "T021761-fixed", }, }, { category: "product_version_range", name: "<=8u312", product: { name: "Open Source OpenJDK <=8u312", product_id: "T021762", }, }, { category: "product_version_range", name: "<=8u312", product: { name: "Open Source OpenJDK <=8u312", product_id: "T021762-fixed", }, }, { category: "product_version_range", name: "<=7u321", product: { name: "Open Source OpenJDK <=7u321", product_id: "T021763", }, }, { category: "product_version_range", name: "<=7u321", product: { name: "Open Source OpenJDK <=7u321", product_id: "T021763-fixed", }, }, ], category: "product_name", name: "OpenJDK", }, ], category: "vendor", name: "Open Source", }, { branches: [ { branches: [ { category: "product_version", name: "Enterprise Edition 20.3.4", product: { name: "Oracle GraalVM Enterprise Edition 20.3.4", product_id: "T021750", product_identification_helper: { cpe: "cpe:/a:oracle:graalvm:20.3.4::enterprise", }, }, }, { category: "product_version", name: "Enterprise Edition 21.3.0", product: { name: "Oracle GraalVM Enterprise Edition 21.3.0", product_id: "T021755", product_identification_helper: { cpe: "cpe:/a:oracle:graalvm:21.3.0::enterprise", }, }, }, ], category: "product_name", name: "GraalVM", }, { branches: [ { category: "product_version", name: "11.0.13", product: { name: "Oracle Java SE 11.0.13", product_id: "T021700", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:11.0.13", }, }, }, { category: "product_version", name: "7u321", product: { name: "Oracle Java SE 7u321", product_id: "T021752", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:7:u321", }, }, }, { category: "product_version", name: "8u311", product: { name: "Oracle Java SE 8u311", product_id: "T021753", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:8:u311", }, }, }, { category: "product_version", name: "17.01", product: { name: "Oracle Java SE 17.01", product_id: "T021754", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:17.01", }, }, }, ], category: "product_name", name: "Java SE", }, { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_version", name: "v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2021-22959", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2021-22959", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21366", }, ], }
wid-sec-w-2022-0100
Vulnerability from csaf_certbund
Published
2022-01-18 23:00
Modified
2024-11-21 23:00
Summary
Oracle Java SE und OpenJDK: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
OpenJDK ist eine Java Umgebung, die unter der GPLv2 veröffentlicht wird.
Angriff
Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und OpenJDK ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Appliance
- Linux
- MacOS X
- NetApp Appliance
- Sonstiges
- UNIX
- Windows
{ document: { aggregate_severity: { text: "mittel", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).\r\nOpenJDK ist eine Java Umgebung, die unter der GPLv2 veröffentlicht wird.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Oracle Java SE und OpenJDK ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.", title: "Angriff", }, { category: "general", text: "- Appliance\n- Linux\n- MacOS X\n- NetApp Appliance\n- Sonstiges\n- UNIX\n- Windows", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0100 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0100.json", }, { category: "self", summary: "WID-SEC-2022-0100 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0100", }, { category: "external", summary: "Oracle Critical Patch Update Advisory - January 2022 - Appendix Oracle Java SE vom 2022-01-18", url: "https://www.oracle.com/security-alerts/cpujan2022.html#AppendixJAVA", }, { category: "external", summary: "OpenJDK Vulnerability Advisory: 2022/01/18", url: "https://openjdk.java.net/groups/vulnerability/advisories/2022-01-18", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0161 vom 2022-01-19", url: "http://linux.oracle.com/errata/ELSA-2022-0161.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0161 vom 2022-01-19", url: "https://access.redhat.com/errata/RHSA-2022:0161", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0209 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0209", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0211 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0211", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0204 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0204", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0233 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0233", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0185 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0185", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0166 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0166", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0165 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0165", }, { category: "external", summary: "Debian Security Advisory DSA-5057 vom 2022-01-24", url: "https://lists.debian.org/debian-security-announce/2022/msg00023.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0228 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0228", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0229 vom 2022-01-24", url: "https://access.redhat.com/errata/RHSA-2022:0229", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0185 vom 2022-01-24", url: "https://linux.oracle.com/errata/ELSA-2022-0185.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0204 vom 2022-01-24", url: "https://linux.oracle.com/errata/ELSA-2022-0204.html", }, { category: "external", summary: "Debian Security Advisory DSA-5058 vom 2022-01-25", url: "https://lists.debian.org/debian-security-announce/2022/msg00026.html", }, { category: "external", summary: "CentOS Security Advisory CESA-2022:0204 vom 2022-01-25", url: "https://lists.centos.org/pipermail/centos-announce/2022-January/073550.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0304 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0304", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0305 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0305", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0306 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0306", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0307 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0307", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0312 vom 2022-01-27", url: "https://access.redhat.com/errata/RHSA-2022:0312", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0317 vom 2022-01-28", url: "https://access.redhat.com/errata/RHSA-2022:0317", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0321 vom 2022-01-28", url: "https://access.redhat.com/errata/RHSA-2022:0321", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0306 vom 2022-01-27", url: "https://linux.oracle.com/errata/ELSA-2022-0306.html", }, { category: "external", summary: "Oracle Linux Security Advisory ELSA-2022-0307 vom 2022-01-27", url: "https://linux.oracle.com/errata/ELSA-2022-0307.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4918 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4918", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4919 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4919", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4922 vom 2022-06-06", url: "https://access.redhat.com/errata/RHSA-2022:4922", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-008 vom 2021-01-31", url: "https://downloads.avaya.com/css/P8/documents/101080371", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0409 vom 2022-02-02", url: "https://access.redhat.com/errata/RHSA-2022:0409", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0415 vom 2022-02-03", url: "https://access.redhat.com/errata/RHSA-2022:0415", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0283 vom 2022-02-03", url: "https://access.redhat.com/errata/RHSA-2022:0283", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-005 vom 2022-02-01", url: "https://downloads.avaya.com/css/P8/documents/101080372", }, { category: "external", summary: "Hitachi Vulnerability Information HITACHI-SEC-2022-104 vom 2022-02-04", url: "https://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2022-104/index.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0444 vom 2022-02-08", url: "https://access.redhat.com/errata/RHSA-2022:0444", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0445 vom 2022-02-08", url: "https://access.redhat.com/errata/RHSA-2022:0445", }, { category: "external", summary: "Debian Security Advisory DLA-2917 vom 2022-02-10", url: "https://lists.debian.org/debian-lts-announce/2022/02/msg00011.html", }, { category: "external", summary: "AVAYA Security Advisory ASA-2022-018 vom 2022-06-19", url: "https://download.avaya.com/css/public/documents/101082272", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1752 vom 2022-02-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1752.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1753 vom 2022-02-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1753.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0730-1 vom 2022-03-04", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010371.html", }, { category: "external", summary: "Ubuntu Security Notice USN-5313-1 vom 2022-03-07", url: "https://ubuntu.com/security/notices/USN-5313-1", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-037 vom 2022-03-09", url: "https://alas.aws.amazon.com/AL2022/ALAS-2022-037.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0816-1 vom 2022-03-14", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010427.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0871-1 vom 2022-03-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010456.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:0873-1 vom 2022-03-16", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010457.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0970 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0970", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0968 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0968", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:0969 vom 2022-03-21", url: "https://access.redhat.com/errata/RHSA-2022:0969", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:14927-1 vom 2022-03-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010505.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:14926-1 vom 2022-03-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010503.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:1051 vom 2022-03-24", url: "https://access.redhat.com/errata/RHSA-2022:1051", }, { category: "external", summary: "Ubuntu Security Notice USN-5313-2 vom 2022-03-29", url: "https://ubuntu.com/security/notices/USN-5313-2", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1027-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010559.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1026-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010556.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:1025-1 vom 2022-03-29", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-March/010560.html", }, { category: "external", summary: "Red Hat Security Advisory RHSA-2022:4957 vom 2022-06-09", url: "https://access.redhat.com/errata/RHSA-2022:4957", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-047 vom 2022-04-22", url: "https://alas.aws.amazon.com/AL2022/ALAS-2022-047.html", }, { category: "external", summary: "Brocade Security Advisory BSA-2022-1732 vom 2022-06-24", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1732", }, { category: "external", summary: "Brocade Security Advisory BSA-2022-1980 vom 2022-06-24", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-1980", }, { category: "external", summary: "NetApp Security Advisory NTAP-20220121-0007 vom 2022-07-01", url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1821 vom 2022-07-21", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1821.html", }, { category: "external", summary: "HCL Article KB0099493 vom 2022-07-21", url: "https://support.hcltechsw.com/csm?id=kb_article&sysparm_article=KB0099493", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2540-1 vom 2022-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011646.html", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2539-1 vom 2022-07-23", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-July/011645.html", }, { category: "external", summary: "Broadcom Security Advisory", url: "https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2022-2019", }, { category: "external", summary: "SUSE Security Update SUSE-SU-2022:2650-1 vom 2022-08-03", url: "https://lists.suse.com/pipermail/sle-security-updates/2022-August/011760.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1631 vom 2022-08-23", url: "https://alas.aws.amazon.com/ALAS-2022-1631.html", }, { category: "external", summary: "Gentoo Linux Security Advisory GLSA-202209-05 vom 2022-09-07", url: "https://security.gentoo.org/glsa/202209-05", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1633 vom 2022-09-12", url: "https://alas.aws.amazon.com/ALAS-2022-1633.html", }, { category: "external", summary: "Amazon Linux Security Advisory ALAS-2022-1835 vom 2022-09-15", url: "https://alas.aws.amazon.com/AL2/ALAS-2022-1835.html", }, { category: "external", summary: "IBM Security Bulletin 6824779 vom 2022-09-29", url: "https://www.ibm.com/blogs/psirt/security-bulletin-txseries-for-multiplatforms-is-vulnerable-to-a-denial-of-service-exposure-due-to-ibm-sdk-java-technology-edition-2/", }, { category: "external", summary: "Amazon Linux Security Advisory ALASJAVA-OPENJDK11-2023-003 vom 2023-02-23", url: "https://alas.aws.amazon.com/AL2/ALASJAVA-OPENJDK11-2023-003.html", }, { category: "external", summary: "XEROX Security Advisory XRX24-005 vom 2024-03-04", url: "https://security.business.xerox.com/wp-content/uploads/2024/03/Xerox-Security-Bulletin-XRX24-005-Xerox-FreeFlow%C2%AE-Print-Server-v9_Feb-2024.pdf", }, { category: "external", summary: "### vom 2024-10-15", url: "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/24999", }, { category: "external", summary: "XEROX Security Advisory XRX24-017 vom 2024-11-21", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2024/11/Xerox-Security-Bulletin-XRX24-017-for-Xerox%C2%AE-FreeFlow%C2%AE-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Oracle Java SE und OpenJDK: Mehrere Schwachstellen", tracking: { current_release_date: "2024-11-21T23:00:00.000+00:00", generator: { date: "2024-11-22T10:07:33.380+00:00", engine: { name: "BSI-WID", version: "1.3.8", }, }, id: "WID-SEC-W-2022-0100", initial_release_date: "2022-01-18T23:00:00.000+00:00", revision_history: [ { date: "2022-01-18T23:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-01-19T23:00:00.000+00:00", number: "2", summary: "Neue Updates von Oracle Linux und Red Hat aufgenommen", }, { date: "2022-01-23T23:00:00.000+00:00", number: "3", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-01-24T23:00:00.000+00:00", number: "4", summary: "Neue Updates von Red Hat und Debian aufgenommen", }, { date: "2022-01-25T23:00:00.000+00:00", number: "5", summary: "Neue Updates von Debian und CentOS aufgenommen", }, { date: "2022-01-27T23:00:00.000+00:00", number: "6", summary: "Neue Updates von Fedora und Red Hat aufgenommen", }, { date: "2022-01-30T23:00:00.000+00:00", number: "7", summary: "Neue Updates von Oracle Linux aufgenommen", }, { date: "2022-02-02T23:00:00.000+00:00", number: "8", summary: "Neue Updates von AVAYA, Red Hat und Fedora aufgenommen", }, { date: "2022-02-03T23:00:00.000+00:00", number: "9", summary: "Neue Updates von HITACHI aufgenommen", }, { date: "2022-02-07T23:00:00.000+00:00", number: "10", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-02-09T23:00:00.000+00:00", number: "11", summary: "Neue Updates von Debian aufgenommen", }, { date: "2022-02-15T23:00:00.000+00:00", number: "12", summary: "Referenz(en) aufgenommen: FEDORA-2022-D877B248A5", }, { date: "2022-02-17T23:00:00.000+00:00", number: "13", summary: "Referenz(en) aufgenommen: FEDORA-2022-477401B0F7", }, { date: "2022-02-21T23:00:00.000+00:00", number: "14", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-03-02T23:00:00.000+00:00", number: "15", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2022-03-06T23:00:00.000+00:00", number: "16", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-07T23:00:00.000+00:00", number: "17", summary: "Neue Updates von Ubuntu aufgenommen", }, { date: "2022-03-08T23:00:00.000+00:00", number: "18", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-03-14T23:00:00.000+00:00", number: "19", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-16T23:00:00.000+00:00", number: "20", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-20T23:00:00.000+00:00", number: "21", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-03-23T23:00:00.000+00:00", number: "22", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-03-24T23:00:00.000+00:00", number: "23", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-03-29T22:00:00.000+00:00", number: "24", summary: "Neue Updates von Ubuntu und SUSE aufgenommen", }, { date: "2022-04-24T22:00:00.000+00:00", number: "25", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-06-06T22:00:00.000+00:00", number: "26", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-06-08T22:00:00.000+00:00", number: "27", summary: "Neue Updates von Red Hat aufgenommen", }, { date: "2022-06-19T22:00:00.000+00:00", number: "28", summary: "Neue Updates von AVAYA aufgenommen", }, { date: "2022-06-26T22:00:00.000+00:00", number: "29", summary: "Neue Updates von BROCADE aufgenommen", }, { date: "2022-07-03T22:00:00.000+00:00", number: "30", summary: "Neue Updates von NetApp aufgenommen", }, { date: "2022-07-20T22:00:00.000+00:00", number: "31", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-07-21T22:00:00.000+00:00", number: "32", summary: "Neue Updates von HCL aufgenommen", }, { date: "2022-07-24T22:00:00.000+00:00", number: "33", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-08-01T22:00:00.000+00:00", number: "34", summary: "Neue Updates von BROCADE aufgenommen", }, { date: "2022-08-03T22:00:00.000+00:00", number: "35", summary: "Neue Updates von SUSE aufgenommen", }, { date: "2022-08-23T22:00:00.000+00:00", number: "36", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-06T22:00:00.000+00:00", number: "37", summary: "Neue Updates von Gentoo aufgenommen", }, { date: "2022-09-12T22:00:00.000+00:00", number: "38", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-14T22:00:00.000+00:00", number: "39", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2022-09-28T22:00:00.000+00:00", number: "40", summary: "Neue Updates von IBM aufgenommen", }, { date: "2023-02-23T23:00:00.000+00:00", number: "41", summary: "Neue Updates von Amazon aufgenommen", }, { date: "2024-03-03T23:00:00.000+00:00", number: "42", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2024-10-14T22:00:00.000+00:00", number: "43", summary: "Neue Updates aufgenommen", }, { date: "2024-11-21T23:00:00.000+00:00", number: "44", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "44", }, }, product_tree: { branches: [ { branches: [ { category: "product_name", name: "Amazon Linux 2", product: { name: "Amazon Linux 2", product_id: "398363", product_identification_helper: { cpe: "cpe:/o:amazon:linux_2:-", }, }, }, ], category: "vendor", name: "Amazon", }, { branches: [ { category: "product_name", name: "Avaya Aura Application Enablement Services", product: { name: "Avaya Aura Application Enablement Services", product_id: "T015516", product_identification_helper: { cpe: "cpe:/a:avaya:aura_application_enablement_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Communication Manager", product: { name: "Avaya Aura Communication Manager", product_id: "T015126", product_identification_helper: { cpe: "cpe:/a:avaya:communication_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura Device Services", product: { name: "Avaya Aura Device Services", product_id: "T015517", product_identification_helper: { cpe: "cpe:/a:avaya:aura_device_services:-", }, }, }, { category: "product_name", name: "Avaya Aura Experience Portal", product: { name: "Avaya Aura Experience Portal", product_id: "T015519", product_identification_helper: { cpe: "cpe:/a:avaya:aura_experience_portal:-", }, }, }, { category: "product_name", name: "Avaya Aura Session Manager", product: { name: "Avaya Aura Session Manager", product_id: "T015127", product_identification_helper: { cpe: "cpe:/a:avaya:session_manager:-", }, }, }, { category: "product_name", name: "Avaya Aura System Manager", product: { name: "Avaya Aura System Manager", product_id: "T015518", product_identification_helper: { cpe: "cpe:/a:avaya:aura_system_manager:-", }, }, }, { category: "product_name", name: "Avaya Breeze Platform", product: { name: "Avaya Breeze Platform", product_id: "T015823", product_identification_helper: { cpe: "cpe:/a:avaya:breeze_platform:-", }, }, }, { category: "product_name", name: "Avaya CMS", product: { name: "Avaya CMS", product_id: "997", product_identification_helper: { cpe: "cpe:/a:avaya:call_management_system_server:-", }, }, }, { category: "product_name", name: "Avaya Session Border Controller", product: { name: "Avaya Session Border Controller", product_id: "T015520", product_identification_helper: { cpe: "cpe:/h:avaya:session_border_controller:-", }, }, }, { category: "product_name", name: "Avaya Web License Manager", product: { name: "Avaya Web License Manager", product_id: "T016243", product_identification_helper: { cpe: "cpe:/a:avaya:web_license_manager:-", }, }, }, ], category: "vendor", name: "Avaya", }, { branches: [ { branches: [ { category: "product_version_range", name: "<v2.2.0.2", product: { name: "Broadcom Brocade SANnav <v2.2.0.2", product_id: "T023628", }, }, { category: "product_version", name: "v2.2.0.2", product: { name: "Broadcom Brocade SANnav v2.2.0.2", product_id: "T023628-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:v2.2.0.2", }, }, }, { category: "product_version_range", name: "<2.3.0a", product: { name: "Broadcom Brocade SANnav <2.3.0a", product_id: "T034391", }, }, { category: "product_version", name: "2.3.0a", product: { name: "Broadcom Brocade SANnav 2.3.0a", product_id: "T034391-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:2.3.0a", }, }, }, { category: "product_version_range", name: "<2.3.1a", product: { name: "Broadcom Brocade SANnav <2.3.1a", product_id: "T038317", }, }, { category: "product_version", name: "2.3.1a", product: { name: "Broadcom Brocade SANnav 2.3.1a", product_id: "T038317-fixed", product_identification_helper: { cpe: "cpe:/a:broadcom:brocade_sannav:2.3.1a", }, }, }, ], category: "product_name", name: "Brocade SANnav", }, ], category: "vendor", name: "Broadcom", }, { branches: [ { category: "product_name", name: "Debian Linux", product: { name: "Debian Linux", product_id: "2951", product_identification_helper: { cpe: "cpe:/o:debian:debian_linux:-", }, }, }, ], category: "vendor", name: "Debian", }, { branches: [ { category: "product_name", name: "Gentoo Linux", product: { name: "Gentoo Linux", product_id: "T012167", product_identification_helper: { cpe: "cpe:/o:gentoo:linux:-", }, }, }, ], category: "vendor", name: "Gentoo", }, { branches: [ { category: "product_name", name: "HCL BigFix", product: { name: "HCL BigFix", product_id: "T017494", product_identification_helper: { cpe: "cpe:/a:hcltech:bigfix:-", }, }, }, ], category: "vendor", name: "HCL", }, { branches: [ { category: "product_name", name: "Hitachi Command Suite", product: { name: "Hitachi Command Suite", product_id: "T010951", product_identification_helper: { cpe: "cpe:/a:hitachi:command_suite:-", }, }, }, { category: "product_name", name: "Hitachi Configuration Manager", product: { name: "Hitachi Configuration Manager", product_id: "T020304", product_identification_helper: { cpe: "cpe:/a:hitachi:configuration_manager:-", }, }, }, { category: "product_name", name: "Hitachi Ops Center", product: { name: "Hitachi Ops Center", product_id: "T017562", product_identification_helper: { cpe: "cpe:/a:hitachi:ops_center:-", }, }, }, ], category: "vendor", name: "Hitachi", }, { branches: [ { branches: [ { category: "product_version", name: "9.1", product: { name: "IBM TXSeries 9.1", product_id: "T015903", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_9.1", }, }, }, { category: "product_version", name: "8.2", product: { name: "IBM TXSeries 8.2", product_id: "T015904", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.2", }, }, }, { category: "product_version", name: "8.1", product: { name: "IBM TXSeries 8.1", product_id: "T015905", product_identification_helper: { cpe: "cpe:/a:ibm:txseries:for_multiplatforms_8.1", }, }, }, ], category: "product_name", name: "TXSeries", }, ], category: "vendor", name: "IBM", }, { branches: [ { category: "product_name", name: "NetApp ActiveIQ Unified Manager", product: { name: "NetApp ActiveIQ Unified Manager", product_id: "T016960", product_identification_helper: { cpe: "cpe:/a:netapp:active_iq_unified_manager:-", }, }, }, ], category: "vendor", name: "NetApp", }, { branches: [ { category: "product_name", name: "Open Source CentOS", product: { name: "Open Source CentOS", product_id: "1727", product_identification_helper: { cpe: "cpe:/o:centos:centos:-", }, }, }, { branches: [ { category: "product_version_range", name: "<=11.0.13", product: { name: "Open Source OpenJDK <=11.0.13", product_id: "989628", }, }, { category: "product_version_range", name: "<=11.0.13", product: { name: "Open Source OpenJDK <=11.0.13", product_id: "989628-fixed", }, }, { category: "product_version_range", name: "<=17.0.1", product: { name: "Open Source OpenJDK <=17.0.1", product_id: "T021759", }, }, { category: "product_version_range", name: "<=17.0.1", product: { name: "Open Source OpenJDK <=17.0.1", product_id: "T021759-fixed", }, }, { category: "product_version_range", name: "<=15.0.5", product: { name: "Open Source OpenJDK <=15.0.5", product_id: "T021760", }, }, { category: "product_version_range", name: "<=15.0.5", product: { name: "Open Source OpenJDK <=15.0.5", product_id: "T021760-fixed", }, }, { category: "product_version_range", name: "<=13.0.9", product: { name: "Open Source OpenJDK <=13.0.9", product_id: "T021761", }, }, { category: "product_version_range", name: "<=13.0.9", product: { name: "Open Source OpenJDK <=13.0.9", product_id: "T021761-fixed", }, }, { category: "product_version_range", name: "<=8u312", product: { name: "Open Source OpenJDK <=8u312", product_id: "T021762", }, }, { category: "product_version_range", name: "<=8u312", product: { name: "Open Source OpenJDK <=8u312", product_id: "T021762-fixed", }, }, { category: "product_version_range", name: "<=7u321", product: { name: "Open Source OpenJDK <=7u321", product_id: "T021763", }, }, { category: "product_version_range", name: "<=7u321", product: { name: "Open Source OpenJDK <=7u321", product_id: "T021763-fixed", }, }, ], category: "product_name", name: "OpenJDK", }, ], category: "vendor", name: "Open Source", }, { branches: [ { branches: [ { category: "product_version", name: "Enterprise Edition 20.3.4", product: { name: "Oracle GraalVM Enterprise Edition 20.3.4", product_id: "T021750", product_identification_helper: { cpe: "cpe:/a:oracle:graalvm:20.3.4::enterprise", }, }, }, { category: "product_version", name: "Enterprise Edition 21.3.0", product: { name: "Oracle GraalVM Enterprise Edition 21.3.0", product_id: "T021755", product_identification_helper: { cpe: "cpe:/a:oracle:graalvm:21.3.0::enterprise", }, }, }, ], category: "product_name", name: "GraalVM", }, { branches: [ { category: "product_version", name: "11.0.13", product: { name: "Oracle Java SE 11.0.13", product_id: "T021700", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:11.0.13", }, }, }, { category: "product_version", name: "7u321", product: { name: "Oracle Java SE 7u321", product_id: "T021752", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:7:u321", }, }, }, { category: "product_version", name: "8u311", product: { name: "Oracle Java SE 8u311", product_id: "T021753", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:8:u311", }, }, }, { category: "product_version", name: "17.01", product: { name: "Oracle Java SE 17.01", product_id: "T021754", product_identification_helper: { cpe: "cpe:/a:oracle:java_se:17.01", }, }, }, ], category: "product_name", name: "Java SE", }, { category: "product_name", name: "Oracle Linux", product: { name: "Oracle Linux", product_id: "T004914", product_identification_helper: { cpe: "cpe:/o:oracle:linux:-", }, }, }, ], category: "vendor", name: "Oracle", }, { branches: [ { category: "product_name", name: "Red Hat Enterprise Linux", product: { name: "Red Hat Enterprise Linux", product_id: "67646", product_identification_helper: { cpe: "cpe:/o:redhat:enterprise_linux:-", }, }, }, ], category: "vendor", name: "Red Hat", }, { branches: [ { category: "product_name", name: "SUSE Linux", product: { name: "SUSE Linux", product_id: "T002207", product_identification_helper: { cpe: "cpe:/o:suse:suse_linux:-", }, }, }, ], category: "vendor", name: "SUSE", }, { branches: [ { category: "product_name", name: "Ubuntu Linux", product: { name: "Ubuntu Linux", product_id: "T000126", product_identification_helper: { cpe: "cpe:/o:canonical:ubuntu_linux:-", }, }, }, ], category: "vendor", name: "Ubuntu", }, { branches: [ { branches: [ { category: "product_version", name: "v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2021-22959", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2021-22959", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", notes: [ { category: "description", text: "In Oracle Java SE und OpenJDK existieren mehrere Schwachstellen. Durch Ausnutzung dieser Schwachstellen kann ein entfernter, anonymer Angreifer die Vertraulichkeit, Integrität und Verfügbarkeit gefährden. Für die Ausnutzung dieser Schwachstellen ist keine Benutzerinteraktion notwendig. Oracle veröffentlicht keine weiteren Details zu diesen Schwachstellen (außer der Information in der Risiko Matrix im Oracle Advisory zum Critical Patch Update, siehe Link unten in diesem Advisory). Aufgrund der knappen Informationslage erfolgt die Bewertung der Schadenshöhe ausschließlich auf Basis der CVSS Impact Matrix. Der Maximalwert für diese Produkte ist \"LOW\" für \"Confidentiality\", \"Integrity\" und \"Availability\" über alle Schwachstellen aggregiert und bewirkt damit eine Bewertung mit dem Wert \"MITTEL\" für die Schadenshöhe.", }, ], product_status: { known_affected: [ "T015905", "T015904", "T015903", "67646", "T015823", "T010951", "T015127", "T015126", "T004914", "T015520", "T017494", "T021754", "T021753", "T021752", "T020304", "997", "T021755", "398363", "T021750", "T015519", "T015518", "T015517", "T038317", "T015516", "T015632", "T012167", "T016960", "T016243", "T017562", "T023628", "2951", "T002207", "T034391", "T000126", "T021700", "1727", ], last_affected: [ "T021763", "T021762", "989628", "T021759", "T021761", "T021760", ], }, release_date: "2022-01-18T23:00:00.000+00:00", title: "CVE-2022-21366", }, ], }
WID-SEC-W-2022-0302
Vulnerability from csaf_certbund
Published
2022-06-14 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Administratorrechten
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0302 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0302.json", }, { category: "self", summary: "WID-SEC-2022-0302 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0302", }, { category: "external", summary: "XEROX Security Advisory XRX23-005 vom 2023-04-04", url: "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-015", url: "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-015-FreeFlow-Print-Server-v7.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-013 vom 2022-06-14", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-013-FreeFlow-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Security Bulletin XRX22-012 vom 2022-06-14", url: "https://securitydocs.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-012-FreeFlow-Printer.pdf", }, ], source_lang: "en-US", title: "Xerox FreeFlow Print Server: Mehrere Schwachstellen ermöglichen Ausführen von beliebigem Programmcode mit Administratorrechten", tracking: { current_release_date: "2023-04-03T22:00:00.000+00:00", generator: { date: "2024-08-15T17:27:55.136+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0302", initial_release_date: "2022-06-14T22:00:00.000+00:00", revision_history: [ { date: "2022-06-14T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2022-06-21T22:00:00.000+00:00", number: "2", summary: "Neue Updates von XEROX aufgenommen", }, { date: "2023-04-03T22:00:00.000+00:00", number: "3", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "3", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server 7", product: { name: "Xerox FreeFlow Print Server 7", product_id: "T000872", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:7", }, }, }, { category: "product_name", name: "Xerox FreeFlow Print Server 9", product: { name: "Xerox FreeFlow Print Server 9", product_id: "T002977", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2016-2124", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2016-2124", }, { cve: "CVE-2019-14822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2019-14822", }, { cve: "CVE-2019-19906", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2019-19906", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-17049", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-17049", }, { cve: "CVE-2020-25717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25717", }, { cve: "CVE-2020-25718", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25718", }, { cve: "CVE-2020-25719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25719", }, { cve: "CVE-2020-25721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25721", }, { cve: "CVE-2020-25722", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-25722", }, { cve: "CVE-2020-9484", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2020-9484", }, { cve: "CVE-2021-21707", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-21707", }, { cve: "CVE-2021-22926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-22926", }, { cve: "CVE-2021-23192", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-23192", }, { cve: "CVE-2021-27815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-27815", }, { cve: "CVE-2021-30846", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30846", }, { cve: "CVE-2021-30848", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30848", }, { cve: "CVE-2021-30849", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30849", }, { cve: "CVE-2021-30851", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30851", }, { cve: "CVE-2021-30858", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-30858", }, { cve: "CVE-2021-33430", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-33430", }, { cve: "CVE-2021-34141", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-34141", }, { cve: "CVE-2021-35604", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-35604", }, { cve: "CVE-2021-35624", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-35624", }, { cve: "CVE-2021-3572", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3572", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3733", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3733", }, { cve: "CVE-2021-3737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3737", }, { cve: "CVE-2021-3738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3738", }, { cve: "CVE-2021-3770", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3770", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-38115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-38115", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-39212", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39212", }, { cve: "CVE-2021-39272", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39272", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-39920", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39920", }, { cve: "CVE-2021-39921", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39921", }, { cve: "CVE-2021-39922", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39922", }, { cve: "CVE-2021-39923", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39923", }, { cve: "CVE-2021-39924", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39924", }, { cve: "CVE-2021-39925", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39925", }, { cve: "CVE-2021-39926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39926", }, { cve: "CVE-2021-39928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39928", }, { cve: "CVE-2021-39929", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-39929", }, { cve: "CVE-2021-4008", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4008", }, { cve: "CVE-2021-4009", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4009", }, { cve: "CVE-2021-4010", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4010", }, { cve: "CVE-2021-4011", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4011", }, { cve: "CVE-2021-40145", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-40145", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4034", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4034", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-40812", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-40812", }, { cve: "CVE-2021-41133", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41133", }, { cve: "CVE-2021-4140", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4140", }, { cve: "CVE-2021-41495", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41495", }, { cve: "CVE-2021-41496", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41496", }, { cve: "CVE-2021-4160", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4160", }, { cve: "CVE-2021-4181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4181", }, { cve: "CVE-2021-41817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41817", }, { cve: "CVE-2021-41819", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-41819", }, { cve: "CVE-2021-4182", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4182", }, { cve: "CVE-2021-4183", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4183", }, { cve: "CVE-2021-4184", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4184", }, { cve: "CVE-2021-4185", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-4185", }, { cve: "CVE-2021-42717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-42717", }, { cve: "CVE-2021-42762", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-42762", }, { cve: "CVE-2021-43331", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43331", }, { cve: "CVE-2021-43332", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43332", }, { cve: "CVE-2021-43395", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43395", }, { cve: "CVE-2021-43527", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43527", }, { cve: "CVE-2021-43528", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43528", }, { cve: "CVE-2021-43536", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43536", }, { cve: "CVE-2021-43537", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43537", }, { cve: "CVE-2021-43538", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43538", }, { cve: "CVE-2021-43539", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43539", }, { cve: "CVE-2021-43541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43541", }, { cve: "CVE-2021-43542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43542", }, { cve: "CVE-2021-43543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43543", }, { cve: "CVE-2021-43545", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43545", }, { cve: "CVE-2021-43546", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43546", }, { cve: "CVE-2021-43566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43566", }, { cve: "CVE-2021-43818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-43818", }, { cve: "CVE-2021-44142", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44142", }, { cve: "CVE-2021-44224", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44224", }, { cve: "CVE-2021-44227", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44227", }, { cve: "CVE-2021-44420", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44420", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44540", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44540", }, { cve: "CVE-2021-44541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44541", }, { cve: "CVE-2021-44542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44542", }, { cve: "CVE-2021-44543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44543", }, { cve: "CVE-2021-44790", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-44790", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-45115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45115", }, { cve: "CVE-2021-45116", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45116", }, { cve: "CVE-2021-45452", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45452", }, { cve: "CVE-2021-45960", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-45960", }, { cve: "CVE-2021-46143", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2021-46143", }, { cve: "CVE-2022-0336", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0336", }, { cve: "CVE-2022-0391", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0391", }, { cve: "CVE-2022-0566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0566", }, { cve: "CVE-2022-0581", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0581", }, { cve: "CVE-2022-0582", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0582", }, { cve: "CVE-2022-0583", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0583", }, { cve: "CVE-2022-0585", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0585", }, { cve: "CVE-2022-0586", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0586", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21263", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21263", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21298", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21298", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21375", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21375", }, { cve: "CVE-2022-21384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21384", }, { cve: "CVE-2022-21416", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21416", }, { cve: "CVE-2022-21446", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21446", }, { cve: "CVE-2022-21461", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21461", }, { cve: "CVE-2022-21463", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21463", }, { cve: "CVE-2022-21493", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21493", }, { cve: "CVE-2022-21494", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21494", }, { cve: "CVE-2022-21712", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21712", }, { cve: "CVE-2022-21716", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21716", }, { cve: "CVE-2022-21824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-21824", }, { cve: "CVE-2022-22719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22719", }, { cve: "CVE-2022-22720", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22720", }, { cve: "CVE-2022-22721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22721", }, { cve: "CVE-2022-22737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22737", }, { cve: "CVE-2022-22738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22738", }, { cve: "CVE-2022-22739", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22739", }, { cve: "CVE-2022-22740", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22740", }, { cve: "CVE-2022-22741", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22741", }, { cve: "CVE-2022-22742", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22742", }, { cve: "CVE-2022-22743", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22743", }, { cve: "CVE-2022-22744", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22744", }, { cve: "CVE-2022-22745", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22745", }, { cve: "CVE-2022-22746", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22746", }, { cve: "CVE-2022-22747", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22747", }, { cve: "CVE-2022-22748", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22748", }, { cve: "CVE-2022-22751", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22751", }, { cve: "CVE-2022-22753", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22753", }, { cve: "CVE-2022-22754", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22754", }, { cve: "CVE-2022-22756", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22756", }, { cve: "CVE-2022-22759", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22759", }, { cve: "CVE-2022-22760", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22760", }, { cve: "CVE-2022-22761", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22761", }, { cve: "CVE-2022-22763", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22763", }, { cve: "CVE-2022-22764", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22764", }, { cve: "CVE-2022-22815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22815", }, { cve: "CVE-2022-22816", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22816", }, { cve: "CVE-2022-22817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22817", }, { cve: "CVE-2022-22818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22818", }, { cve: "CVE-2022-22822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22822", }, { cve: "CVE-2022-22823", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22823", }, { cve: "CVE-2022-22824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22824", }, { cve: "CVE-2022-22825", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22825", }, { cve: "CVE-2022-22826", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22826", }, { cve: "CVE-2022-22827", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-22827", }, { cve: "CVE-2022-23181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23181", }, { cve: "CVE-2022-23833", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23833", }, { cve: "CVE-2022-23852", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23852", }, { cve: "CVE-2022-23943", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23943", }, { cve: "CVE-2022-23990", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-23990", }, { cve: "CVE-2022-24407", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-24407", }, { cve: "CVE-2022-25235", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25235", }, { cve: "CVE-2022-25236", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25236", }, { cve: "CVE-2022-25313", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25313", }, { cve: "CVE-2022-25314", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25314", }, { cve: "CVE-2022-25315", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-25315", }, { cve: "CVE-2022-26381", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26381", }, { cve: "CVE-2022-26383", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26383", }, { cve: "CVE-2022-26384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26384", }, { cve: "CVE-2022-26386", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26386", }, { cve: "CVE-2022-26387", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26387", }, { cve: "CVE-2022-26485", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26485", }, { cve: "CVE-2022-26486", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen. Ein entfernter Angreifer kann diese Schwachstellen ausnutzen, um beliebigen Programmcode auszuführen, einen Cross-Site-Scripting-Angriff durchzuführen, Informationen offenzulegen, einen Denial-of-Service-Zustand zu verursachen oder Dateien zu manipulieren.", }, ], product_status: { known_affected: [ "T000872", "T002977", ], }, release_date: "2022-06-14T22:00:00.000+00:00", title: "CVE-2022-26486", }, ], }
wid-sec-w-2022-0432
Vulnerability from csaf_certbund
Published
2022-06-21 22:00
Modified
2023-04-03 22:00
Summary
Xerox FreeFlow Print Server: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.
Angriff
Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.
Betroffene Betriebssysteme
- Sonstiges
{ document: { aggregate_severity: { text: "hoch", }, category: "csaf_base", csaf_version: "2.0", distribution: { tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "de-DE", notes: [ { category: "legal_disclaimer", text: "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.", }, { category: "description", text: "FreeFlow-Druckserver ist eine Druckserveranwendung für Xerox-Produktionsdrucker, die Flexibilität, umfangreiche Workflow-Optionen und eine Farbverwaltung bietet.", title: "Produktbeschreibung", }, { category: "summary", text: "Ein entfernter, authentisierter Angreifer kann mehrere Schwachstellen in Xerox FreeFlow Print Server ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", title: "Angriff", }, { category: "general", text: "- Sonstiges", title: "Betroffene Betriebssysteme", }, ], publisher: { category: "other", contact_details: "csaf-provider@cert-bund.de", name: "Bundesamt für Sicherheit in der Informationstechnik", namespace: "https://www.bsi.bund.de", }, references: [ { category: "self", summary: "WID-SEC-W-2022-0432 - CSAF Version", url: "https://wid.cert-bund.de/.well-known/csaf/white/2022/wid-sec-w-2022-0432.json", }, { category: "self", summary: "WID-SEC-2022-0432 - Portal Version", url: "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2022-0432", }, { category: "external", summary: "XEROX Security Advisory XRX23-005 vom 2023-04-04", url: "https://security.business.xerox.com/wp-content/uploads/2023/04/Xerox-Security-Bulletin-XRX23-005-Xerox%25C2%25AE-FreeFlow%25C2%25AE-Print-Server-v9.pdf", }, { category: "external", summary: "Xerox Mini Bulletin XRX21A vom 2022-06-21", url: "https://security.business.xerox.com/wp-content/uploads/2022/06/Xerox-Security-Bulletin-XRX22-014-FreeFlow-Print-Server-v9.pdf", }, ], source_lang: "en-US", title: "Xerox FreeFlow Print Server: Mehrere Schwachstellen", tracking: { current_release_date: "2023-04-03T22:00:00.000+00:00", generator: { date: "2024-08-15T17:29:02.928+00:00", engine: { name: "BSI-WID", version: "1.3.5", }, }, id: "WID-SEC-W-2022-0432", initial_release_date: "2022-06-21T22:00:00.000+00:00", revision_history: [ { date: "2022-06-21T22:00:00.000+00:00", number: "1", summary: "Initiale Fassung", }, { date: "2023-04-03T22:00:00.000+00:00", number: "2", summary: "Neue Updates von XEROX aufgenommen", }, ], status: "final", version: "2", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_name", name: "Xerox FreeFlow Print Server 9", product: { name: "Xerox FreeFlow Print Server 9", product_id: "T002977", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:9", }, }, }, { category: "product_name", name: "Xerox FreeFlow Print Server v9", product: { name: "Xerox FreeFlow Print Server v9", product_id: "T015632", product_identification_helper: { cpe: "cpe:/a:xerox:freeflow_print_server:v9", }, }, }, ], category: "product_name", name: "FreeFlow Print Server", }, ], category: "vendor", name: "Xerox", }, ], }, vulnerabilities: [ { cve: "CVE-2016-2124", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2016-2124", }, { cve: "CVE-2019-14822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2019-14822", }, { cve: "CVE-2019-19906", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2019-19906", }, { cve: "CVE-2020-15250", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-15250", }, { cve: "CVE-2020-17049", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-17049", }, { cve: "CVE-2020-25717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25717", }, { cve: "CVE-2020-25718", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25718", }, { cve: "CVE-2020-25719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25719", }, { cve: "CVE-2020-25721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25721", }, { cve: "CVE-2020-25722", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-25722", }, { cve: "CVE-2020-9484", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2020-9484", }, { cve: "CVE-2021-21707", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-21707", }, { cve: "CVE-2021-22926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-22926", }, { cve: "CVE-2021-23192", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-23192", }, { cve: "CVE-2021-27815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-27815", }, { cve: "CVE-2021-30846", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30846", }, { cve: "CVE-2021-30848", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30848", }, { cve: "CVE-2021-30849", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30849", }, { cve: "CVE-2021-30851", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30851", }, { cve: "CVE-2021-30858", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-30858", }, { cve: "CVE-2021-33430", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-33430", }, { cve: "CVE-2021-34141", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-34141", }, { cve: "CVE-2021-35604", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-35604", }, { cve: "CVE-2021-35624", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-35624", }, { cve: "CVE-2021-3572", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3572", }, { cve: "CVE-2021-3711", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3711", }, { cve: "CVE-2021-3733", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3733", }, { cve: "CVE-2021-3737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3737", }, { cve: "CVE-2021-3738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3738", }, { cve: "CVE-2021-3770", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3770", }, { cve: "CVE-2021-3778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3778", }, { cve: "CVE-2021-3796", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3796", }, { cve: "CVE-2021-38115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-38115", }, { cve: "CVE-2021-3872", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3872", }, { cve: "CVE-2021-3875", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3875", }, { cve: "CVE-2021-3903", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3903", }, { cve: "CVE-2021-39212", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39212", }, { cve: "CVE-2021-39272", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39272", }, { cve: "CVE-2021-3928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3928", }, { cve: "CVE-2021-3968", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3968", }, { cve: "CVE-2021-3973", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3973", }, { cve: "CVE-2021-3974", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3974", }, { cve: "CVE-2021-3984", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-3984", }, { cve: "CVE-2021-39920", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39920", }, { cve: "CVE-2021-39921", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39921", }, { cve: "CVE-2021-39922", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39922", }, { cve: "CVE-2021-39923", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39923", }, { cve: "CVE-2021-39924", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39924", }, { cve: "CVE-2021-39925", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39925", }, { cve: "CVE-2021-39926", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39926", }, { cve: "CVE-2021-39928", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39928", }, { cve: "CVE-2021-39929", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-39929", }, { cve: "CVE-2021-4008", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4008", }, { cve: "CVE-2021-4009", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4009", }, { cve: "CVE-2021-4010", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4010", }, { cve: "CVE-2021-4011", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4011", }, { cve: "CVE-2021-40145", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-40145", }, { cve: "CVE-2021-4019", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4019", }, { cve: "CVE-2021-4034", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4034", }, { cve: "CVE-2021-4069", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4069", }, { cve: "CVE-2021-40812", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-40812", }, { cve: "CVE-2021-41133", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41133", }, { cve: "CVE-2021-4140", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4140", }, { cve: "CVE-2021-41495", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41495", }, { cve: "CVE-2021-41496", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41496", }, { cve: "CVE-2021-4181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4181", }, { cve: "CVE-2021-41817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41817", }, { cve: "CVE-2021-41819", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-41819", }, { cve: "CVE-2021-4182", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4182", }, { cve: "CVE-2021-4183", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4183", }, { cve: "CVE-2021-4184", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4184", }, { cve: "CVE-2021-4185", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-4185", }, { cve: "CVE-2021-42717", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-42717", }, { cve: "CVE-2021-42762", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-42762", }, { cve: "CVE-2021-43331", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43331", }, { cve: "CVE-2021-43332", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43332", }, { cve: "CVE-2021-43395", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43395", }, { cve: "CVE-2021-43527", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43527", }, { cve: "CVE-2021-43528", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43528", }, { cve: "CVE-2021-43536", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43536", }, { cve: "CVE-2021-43537", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43537", }, { cve: "CVE-2021-43538", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43538", }, { cve: "CVE-2021-43539", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43539", }, { cve: "CVE-2021-43541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43541", }, { cve: "CVE-2021-43542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43542", }, { cve: "CVE-2021-43543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43543", }, { cve: "CVE-2021-43545", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43545", }, { cve: "CVE-2021-43546", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43546", }, { cve: "CVE-2021-43566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43566", }, { cve: "CVE-2021-43818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-43818", }, { cve: "CVE-2021-44142", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44142", }, { cve: "CVE-2021-44224", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44224", }, { cve: "CVE-2021-44227", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44227", }, { cve: "CVE-2021-44420", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44420", }, { cve: "CVE-2021-44531", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44531", }, { cve: "CVE-2021-44532", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44532", }, { cve: "CVE-2021-44533", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44533", }, { cve: "CVE-2021-44540", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44540", }, { cve: "CVE-2021-44541", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44541", }, { cve: "CVE-2021-44542", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44542", }, { cve: "CVE-2021-44543", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44543", }, { cve: "CVE-2021-44790", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-44790", }, { cve: "CVE-2021-45078", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45078", }, { cve: "CVE-2021-45115", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45115", }, { cve: "CVE-2021-45116", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45116", }, { cve: "CVE-2021-45452", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45452", }, { cve: "CVE-2021-45960", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-45960", }, { cve: "CVE-2021-46143", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2021-46143", }, { cve: "CVE-2022-0336", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0336", }, { cve: "CVE-2022-0391", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0391", }, { cve: "CVE-2022-0566", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0566", }, { cve: "CVE-2022-0581", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0581", }, { cve: "CVE-2022-0582", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0582", }, { cve: "CVE-2022-0583", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0583", }, { cve: "CVE-2022-0585", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0585", }, { cve: "CVE-2022-0586", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0586", }, { cve: "CVE-2022-0778", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-0778", }, { cve: "CVE-2022-21248", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21248", }, { cve: "CVE-2022-21263", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21263", }, { cve: "CVE-2022-21271", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21271", }, { cve: "CVE-2022-21282", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21282", }, { cve: "CVE-2022-21291", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21296", }, { cve: "CVE-2022-21298", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21298", }, { cve: "CVE-2022-21299", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21365", }, { cve: "CVE-2022-21375", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21375", }, { cve: "CVE-2022-21384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21384", }, { cve: "CVE-2022-21416", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21416", }, { cve: "CVE-2022-21446", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21446", }, { cve: "CVE-2022-21461", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21461", }, { cve: "CVE-2022-21463", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21463", }, { cve: "CVE-2022-21493", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21493", }, { cve: "CVE-2022-21494", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21494", }, { cve: "CVE-2022-21712", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21712", }, { cve: "CVE-2022-21716", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21716", }, { cve: "CVE-2022-21824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-21824", }, { cve: "CVE-2022-22719", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22719", }, { cve: "CVE-2022-22720", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22720", }, { cve: "CVE-2022-22721", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22721", }, { cve: "CVE-2022-22737", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22737", }, { cve: "CVE-2022-22738", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22738", }, { cve: "CVE-2022-22739", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22739", }, { cve: "CVE-2022-22740", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22740", }, { cve: "CVE-2022-22741", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22741", }, { cve: "CVE-2022-22742", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22742", }, { cve: "CVE-2022-22743", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22743", }, { cve: "CVE-2022-22744", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22744", }, { cve: "CVE-2022-22745", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22745", }, { cve: "CVE-2022-22746", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22746", }, { cve: "CVE-2022-22747", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22747", }, { cve: "CVE-2022-22748", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22748", }, { cve: "CVE-2022-22751", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22751", }, { cve: "CVE-2022-22753", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22753", }, { cve: "CVE-2022-22754", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22754", }, { cve: "CVE-2022-22756", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22756", }, { cve: "CVE-2022-22759", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22759", }, { cve: "CVE-2022-22760", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22760", }, { cve: "CVE-2022-22761", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22761", }, { cve: "CVE-2022-22763", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22763", }, { cve: "CVE-2022-22764", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22764", }, { cve: "CVE-2022-22815", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22815", }, { cve: "CVE-2022-22816", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22816", }, { cve: "CVE-2022-22817", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22817", }, { cve: "CVE-2022-22818", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22818", }, { cve: "CVE-2022-22822", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22822", }, { cve: "CVE-2022-22823", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22823", }, { cve: "CVE-2022-22824", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22824", }, { cve: "CVE-2022-22825", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22825", }, { cve: "CVE-2022-22826", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22826", }, { cve: "CVE-2022-22827", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-22827", }, { cve: "CVE-2022-23181", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23181", }, { cve: "CVE-2022-23833", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23833", }, { cve: "CVE-2022-23852", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23852", }, { cve: "CVE-2022-23943", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23943", }, { cve: "CVE-2022-23990", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-23990", }, { cve: "CVE-2022-24407", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-24407", }, { cve: "CVE-2022-25235", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25235", }, { cve: "CVE-2022-25236", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25236", }, { cve: "CVE-2022-25313", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25313", }, { cve: "CVE-2022-25314", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25314", }, { cve: "CVE-2022-25315", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-25315", }, { cve: "CVE-2022-26381", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26381", }, { cve: "CVE-2022-26383", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26383", }, { cve: "CVE-2022-26384", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26384", }, { cve: "CVE-2022-26386", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26386", }, { cve: "CVE-2022-26387", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26387", }, { cve: "CVE-2022-26485", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26485", }, { cve: "CVE-2022-26486", notes: [ { category: "description", text: "In Xerox FreeFlow Print Server existieren mehrere Schwachstellen, die im Zusammenhang mit der Solaris Betriebssystem Plattform stehen. Ein Angreifer kann diese Schwachstellen ausnutzen, um die Vertraulichkeit, Verfügbarkeit und Integrität zu gefährden.", }, ], product_status: { known_affected: [ "T015632", "T002977", ], }, release_date: "2022-06-21T22:00:00.000+00:00", title: "CVE-2022-26486", }, ], }
ghsa-7224-894f-v4pr
Vulnerability from github
Published
2022-01-20 00:01
Modified
2022-04-21 00:01
Severity ?
Details
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
{ affected: [], aliases: [ "CVE-2022-21271", ], database_specific: { cwe_ids: [], github_reviewed: false, github_reviewed_at: null, nvd_published_at: "2022-01-19T12:15:00Z", severity: "MODERATE", }, details: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", id: "GHSA-7224-894f-v4pr", modified: "2022-04-21T00:01:20Z", published: "2022-01-20T00:01:32Z", references: [ { type: "ADVISORY", url: "https://nvd.nist.gov/vuln/detail/CVE-2022-21271", }, { type: "WEB", url: "https://security.gentoo.org/glsa/202209-05", }, { type: "WEB", url: "https://security.netapp.com/advisory/ntap-20220121-0007", }, { type: "WEB", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { type: "WEB", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, ], schema_version: "1.4.0", severity: [ { score: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", type: "CVSS_V3", }, ], }
gsd-2022-21271
Vulnerability from gsd
Modified
2023-12-13 01:19
Details
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Aliases
Aliases
{ GSD: { alias: "CVE-2022-21271", description: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", id: "GSD-2022-21271", references: [ "https://www.suse.com/security/cve/CVE-2022-21271.html", ], }, gsd: { metadata: { exploitCode: "unknown", remediation: "unknown", reportConfidence: "confirmed", type: "vulnerability", }, osvSchema: { aliases: [ "CVE-2022-21271", ], details: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", id: "GSD-2022-21271", modified: "2023-12-13T01:19:14.809691Z", schema_version: "1.4.0", }, }, namespaces: { "cve.org": { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2022-21271", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Solaris Operating System", version: { version_data: [ { version_affected: "=", version_value: "11", }, ], }, }, ], }, vendor_name: "Oracle Corporation", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", }, ], }, impact: { cvss: { baseScore: "5.3", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition.", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220121-0007/", refsource: "CONFIRM", url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { name: "GLSA-202209-05", refsource: "GENTOO", url: "https://security.gentoo.org/glsa/202209-05", }, ], }, }, "nvd.nist.gov": { configurations: { CVE_data_version: "4.0", nodes: [ { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:o:oracle:solaris:11:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:http_server:12.2.1.3.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:http_server:12.2.1.4.0:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:zfs_storage_appliance_kit:8.8:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:graalvm:21.3.0:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jre:1.7.0:update321:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jre:11.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:graalvm:20.3.4:*:*:*:enterprise:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jre:1.8.0:update311:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jdk:1.7.0:update321:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jdk:11.0.13:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:oracle:jdk:1.8.0:update311:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, { children: [], cpe_match: [ { cpe23Uri: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:oracle:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:snapmanager:-:*:*:*:*:sap:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:7-mode_transition_tool:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:*", cpe_name: [], versionEndIncluding: "11.70.1", versionStartIncluding: "11.0.0", vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, { cpe23Uri: "cpe:2.3:a:netapp:cloud_secure_agent:-:*:*:*:*:*:*:*", cpe_name: [], vulnerable: true, }, ], operator: "OR", }, ], }, cve: { CVE_data_meta: { ASSIGNER: "secalert_us@oracle.com", ID: "CVE-2022-21271", }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "en", value: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], }, ], }, references: { reference_data: [ { name: "https://www.oracle.com/security-alerts/cpujan2022.html", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpujan2022.html", }, { name: "https://security.netapp.com/advisory/ntap-20220121-0007/", refsource: "CONFIRM", tags: [ "Third Party Advisory", ], url: "https://security.netapp.com/advisory/ntap-20220121-0007/", }, { name: "https://www.oracle.com/security-alerts/cpuapr2022.html", refsource: "MISC", tags: [ "Vendor Advisory", ], url: "https://www.oracle.com/security-alerts/cpuapr2022.html", }, { name: "GLSA-202209-05", refsource: "GENTOO", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202209-05", }, ], }, }, impact: { baseMetricV2: { acInsufInfo: false, cvssV2: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, severity: "MEDIUM", userInteractionRequired: false, }, baseMetricV3: { cvssV3: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "LOW", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 1.4, }, }, lastModifiedDate: "2022-10-27T22:56Z", publishedDate: "2022-01-19T12:15Z", }, }, }
opensuse-su-2022:1027-1
Vulnerability from csaf_opensuse
Published
2022-03-29 13:42
Modified
2022-03-29 13:42
Summary
Security update for java-1_8_0-ibm
Notes
Title of the patch
Security update for java-1_8_0-ibm
Description of the patch
This update for java-1_8_0-ibm fixes the following issues:
Update Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).
Including fixes for the following vulnerabilities:
CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,
CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,
CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,
CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,
CVE-2022-21271.
Non-securtiy fix:
- Fixed a broken symlink for javaws (bsc#1195146).
Patchnames
openSUSE-SLE-15.3-2022-1027,openSUSE-SLE-15.4-2022-1027
Terms of use
CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).
{ document: { aggregate_severity: { namespace: "https://www.suse.com/support/security/rating/", text: "important", }, category: "csaf_security_advisory", csaf_version: "2.0", distribution: { text: "Copyright 2024 SUSE LLC. All rights reserved.", tlp: { label: "WHITE", url: "https://www.first.org/tlp/", }, }, lang: "en", notes: [ { category: "summary", text: "Security update for java-1_8_0-ibm", title: "Title of the patch", }, { category: "description", text: "This update for java-1_8_0-ibm fixes the following issues:\n\nUpdate Java 8.0 to Service Refresh 7 Fix Pack 5 (bsc#1197126).\n\nIncluding fixes for the following vulnerabilities: \n\n CVE-2022-21366, CVE-2022-21365, CVE-2022-21360, CVE-2022-21349,\n CVE-2022-21341, CVE-2022-21340, CVE-2022-21305, CVE-2022-21277,\n CVE-2022-21299, CVE-2022-21296, CVE-2022-21282, CVE-2022-21294,\n CVE-2022-21293, CVE-2022-21291, CVE-2022-21283, CVE-2022-21248,\n CVE-2022-21271.\n\nNon-securtiy fix:\n\n- Fixed a broken symlink for javaws (bsc#1195146).\n", title: "Description of the patch", }, { category: "details", text: "openSUSE-SLE-15.3-2022-1027,openSUSE-SLE-15.4-2022-1027", title: "Patchnames", }, { category: "legal_disclaimer", text: "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).", title: "Terms of use", }, ], publisher: { category: "vendor", contact_details: "https://www.suse.com/support/security/contact/", name: "SUSE Product Security Team", namespace: "https://www.suse.com/", }, references: [ { category: "external", summary: "SUSE ratings", url: "https://www.suse.com/support/security/rating/", }, { category: "self", summary: "URL of this CSAF notice", url: "https://ftp.suse.com/pub/projects/security/csaf/opensuse-su-2022_1027-1.json", }, { category: "self", summary: "URL for openSUSE-SU-2022:1027-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2EH4HQJU5VK7ZC3BHZTQT6QUXNTGNXVQ/", }, { category: "self", summary: "E-Mail link for openSUSE-SU-2022:1027-1", url: "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2EH4HQJU5VK7ZC3BHZTQT6QUXNTGNXVQ/", }, { category: "self", summary: "SUSE Bug 1194925", url: "https://bugzilla.suse.com/1194925", }, { category: "self", summary: "SUSE Bug 1194926", url: "https://bugzilla.suse.com/1194926", }, { category: "self", summary: "SUSE Bug 1194927", url: "https://bugzilla.suse.com/1194927", }, { category: "self", summary: "SUSE Bug 1194928", url: "https://bugzilla.suse.com/1194928", }, { category: "self", summary: "SUSE Bug 1194929", url: "https://bugzilla.suse.com/1194929", }, { category: "self", summary: "SUSE Bug 1194930", url: "https://bugzilla.suse.com/1194930", }, { category: "self", summary: "SUSE Bug 1194931", url: "https://bugzilla.suse.com/1194931", }, { category: "self", summary: "SUSE Bug 1194932", url: "https://bugzilla.suse.com/1194932", }, { category: "self", summary: "SUSE Bug 1194933", url: "https://bugzilla.suse.com/1194933", }, { category: "self", summary: "SUSE Bug 1194934", url: "https://bugzilla.suse.com/1194934", }, { category: "self", summary: "SUSE Bug 1194935", url: "https://bugzilla.suse.com/1194935", }, { category: "self", summary: "SUSE Bug 1194937", url: "https://bugzilla.suse.com/1194937", }, { category: "self", summary: "SUSE Bug 1194939", url: "https://bugzilla.suse.com/1194939", }, { category: "self", summary: "SUSE Bug 1194940", url: "https://bugzilla.suse.com/1194940", }, { category: "self", summary: "SUSE Bug 1194941", url: "https://bugzilla.suse.com/1194941", }, { category: "self", summary: "SUSE Bug 1195146", url: "https://bugzilla.suse.com/1195146", }, { category: "self", summary: "SUSE Bug 1196500", url: "https://bugzilla.suse.com/1196500", }, { category: "self", summary: "SUSE Bug 1197126", url: "https://bugzilla.suse.com/1197126", }, { category: "self", summary: "SUSE CVE CVE-2022-21248 page", url: "https://www.suse.com/security/cve/CVE-2022-21248/", }, { category: "self", summary: "SUSE CVE CVE-2022-21271 page", url: "https://www.suse.com/security/cve/CVE-2022-21271/", }, { category: "self", summary: "SUSE CVE CVE-2022-21277 page", url: "https://www.suse.com/security/cve/CVE-2022-21277/", }, { category: "self", summary: "SUSE CVE CVE-2022-21282 page", url: "https://www.suse.com/security/cve/CVE-2022-21282/", }, { category: "self", summary: "SUSE CVE CVE-2022-21283 page", url: "https://www.suse.com/security/cve/CVE-2022-21283/", }, { category: "self", summary: "SUSE CVE CVE-2022-21291 page", url: "https://www.suse.com/security/cve/CVE-2022-21291/", }, { category: "self", summary: "SUSE CVE CVE-2022-21293 page", url: "https://www.suse.com/security/cve/CVE-2022-21293/", }, { category: "self", summary: "SUSE CVE CVE-2022-21294 page", url: "https://www.suse.com/security/cve/CVE-2022-21294/", }, { category: "self", summary: "SUSE CVE CVE-2022-21296 page", url: "https://www.suse.com/security/cve/CVE-2022-21296/", }, { category: "self", summary: "SUSE CVE CVE-2022-21299 page", url: "https://www.suse.com/security/cve/CVE-2022-21299/", }, { category: "self", summary: "SUSE CVE CVE-2022-21305 page", url: "https://www.suse.com/security/cve/CVE-2022-21305/", }, { category: "self", summary: "SUSE CVE CVE-2022-21340 page", url: "https://www.suse.com/security/cve/CVE-2022-21340/", }, { category: "self", summary: "SUSE CVE CVE-2022-21341 page", url: "https://www.suse.com/security/cve/CVE-2022-21341/", }, { category: "self", summary: "SUSE CVE CVE-2022-21349 page", url: "https://www.suse.com/security/cve/CVE-2022-21349/", }, { category: "self", summary: "SUSE CVE CVE-2022-21360 page", url: "https://www.suse.com/security/cve/CVE-2022-21360/", }, { category: "self", summary: "SUSE CVE CVE-2022-21365 page", url: "https://www.suse.com/security/cve/CVE-2022-21365/", }, { category: "self", summary: "SUSE CVE CVE-2022-21366 page", url: "https://www.suse.com/security/cve/CVE-2022-21366/", }, ], title: "Security update for java-1_8_0-ibm", tracking: { current_release_date: "2022-03-29T13:42:03Z", generator: { date: "2022-03-29T13:42:03Z", engine: { name: "cve-database.git:bin/generate-csaf.pl", version: "1", }, }, id: "openSUSE-SU-2022:1027-1", initial_release_date: "2022-03-29T13:42:03Z", revision_history: [ { date: "2022-03-29T13:42:03Z", number: "1", summary: "Current version", }, ], status: "final", version: "1", }, }, product_tree: { branches: [ { branches: [ { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, }, ], category: "architecture", name: "ppc64le", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", }, }, ], category: "architecture", name: "s390x", }, { branches: [ { category: "product_version", name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, { category: "product_version", name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", product: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", product_id: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", }, }, ], category: "architecture", name: "x86_64", }, { branches: [ { category: "product_name", name: "openSUSE Leap 15.3", product: { name: "openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3", product_identification_helper: { cpe: "cpe:/o:opensuse:leap:15.3", }, }, }, ], category: "product_family", name: "SUSE Linux Enterprise", }, ], category: "vendor", name: "SUSE", }, ], relationships: [ { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", }, product_reference: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", }, product_reference: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", relates_to_product_reference: "openSUSE Leap 15.3", }, { category: "default_component_of", full_product_name: { name: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64 as component of openSUSE Leap 15.3", product_id: "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", }, product_reference: "java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", relates_to_product_reference: "openSUSE Leap 15.3", }, ], }, vulnerabilities: [ { cve: "CVE-2022-21248", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21248", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21248", url: "https://www.suse.com/security/cve/CVE-2022-21248", }, { category: "external", summary: "SUSE Bug 1194926 for CVE-2022-21248", url: "https://bugzilla.suse.com/1194926", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21248", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 3.7, baseSeverity: "LOW", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "low", }, ], title: "CVE-2022-21248", }, { cve: "CVE-2022-21271", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21271", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21271", url: "https://www.suse.com/security/cve/CVE-2022-21271", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21271", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21271", }, { cve: "CVE-2022-21277", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21277", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21277", url: "https://www.suse.com/security/cve/CVE-2022-21277", }, { category: "external", summary: "SUSE Bug 1194930 for CVE-2022-21277", url: "https://bugzilla.suse.com/1194930", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21277", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21277", }, { cve: "CVE-2022-21282", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21282", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21282", url: "https://www.suse.com/security/cve/CVE-2022-21282", }, { category: "external", summary: "SUSE Bug 1194933 for CVE-2022-21282", url: "https://bugzilla.suse.com/1194933", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21282", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21282", }, { cve: "CVE-2022-21283", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21283", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21283", url: "https://www.suse.com/security/cve/CVE-2022-21283", }, { category: "external", summary: "SUSE Bug 1194937 for CVE-2022-21283", url: "https://bugzilla.suse.com/1194937", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21283", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21283", }, { cve: "CVE-2022-21291", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21291", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21291", url: "https://www.suse.com/security/cve/CVE-2022-21291", }, { category: "external", summary: "SUSE Bug 1194925 for CVE-2022-21291", url: "https://bugzilla.suse.com/1194925", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21291", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21291", }, { cve: "CVE-2022-21293", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21293", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21293", url: "https://www.suse.com/security/cve/CVE-2022-21293", }, { category: "external", summary: "SUSE Bug 1194935 for CVE-2022-21293", url: "https://bugzilla.suse.com/1194935", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21293", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21293", }, { cve: "CVE-2022-21294", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21294", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21294", url: "https://www.suse.com/security/cve/CVE-2022-21294", }, { category: "external", summary: "SUSE Bug 1194934 for CVE-2022-21294", url: "https://bugzilla.suse.com/1194934", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21294", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21294", }, { cve: "CVE-2022-21296", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21296", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21296", url: "https://www.suse.com/security/cve/CVE-2022-21296", }, { category: "external", summary: "SUSE Bug 1194932 for CVE-2022-21296", url: "https://bugzilla.suse.com/1194932", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21296", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21296", }, { cve: "CVE-2022-21299", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21299", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21299", url: "https://www.suse.com/security/cve/CVE-2022-21299", }, { category: "external", summary: "SUSE Bug 1194931 for CVE-2022-21299", url: "https://bugzilla.suse.com/1194931", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21299", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21299", }, { cve: "CVE-2022-21305", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21305", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21305", url: "https://www.suse.com/security/cve/CVE-2022-21305", }, { category: "external", summary: "SUSE Bug 1194939 for CVE-2022-21305", url: "https://bugzilla.suse.com/1194939", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21305", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21305", }, { cve: "CVE-2022-21340", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21340", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21340", url: "https://www.suse.com/security/cve/CVE-2022-21340", }, { category: "external", summary: "SUSE Bug 1194940 for CVE-2022-21340", url: "https://bugzilla.suse.com/1194940", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21340", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21340", }, { cve: "CVE-2022-21341", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21341", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21341", url: "https://www.suse.com/security/cve/CVE-2022-21341", }, { category: "external", summary: "SUSE Bug 1194941 for CVE-2022-21341", url: "https://bugzilla.suse.com/1194941", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21341", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21341", }, { cve: "CVE-2022-21349", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21349", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21349", url: "https://www.suse.com/security/cve/CVE-2022-21349", }, { category: "external", summary: "SUSE Bug 1196500 for CVE-2022-21349", url: "https://bugzilla.suse.com/1196500", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21349", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21349", }, { cve: "CVE-2022-21360", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21360", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21360", url: "https://www.suse.com/security/cve/CVE-2022-21360", }, { category: "external", summary: "SUSE Bug 1194929 for CVE-2022-21360", url: "https://bugzilla.suse.com/1194929", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21360", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21360", }, { cve: "CVE-2022-21365", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21365", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21365", url: "https://www.suse.com/security/cve/CVE-2022-21365", }, { category: "external", summary: "SUSE Bug 1194928 for CVE-2022-21365", url: "https://bugzilla.suse.com/1194928", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21365", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21365", }, { cve: "CVE-2022-21366", ids: [ { system_name: "SUSE CVE Page", text: "https://www.suse.com/security/cve/CVE-2022-21366", }, ], notes: [ { category: "general", text: "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", title: "CVE description", }, ], product_status: { recommended: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, references: [ { category: "external", summary: "CVE-2022-21366", url: "https://www.suse.com/security/cve/CVE-2022-21366", }, { category: "external", summary: "SUSE Bug 1194927 for CVE-2022-21366", url: "https://bugzilla.suse.com/1194927", }, { category: "external", summary: "SUSE Bug 1197126 for CVE-2022-21366", url: "https://bugzilla.suse.com/1197126", }, ], remediations: [ { category: "vendor_fix", details: "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n", product_ids: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], scores: [ { cvss_v3: { baseScore: 5.3, baseSeverity: "MEDIUM", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", version: "3.1", }, products: [ "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-alsa-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-demo-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-devel-32bit-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-plugin-1.8.0_sr7.5-150000.3.56.1.x86_64", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.ppc64le", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.s390x", "openSUSE Leap 15.3:java-1_8_0-ibm-src-1.8.0_sr7.5-150000.3.56.1.x86_64", ], }, ], threats: [ { category: "impact", date: "2022-03-29T13:42:03Z", details: "moderate", }, ], title: "CVE-2022-21366", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
UUIDv4 of the comment
UUIDv4 of the Vulnerability-Lookup instance
When the comment was created originally
When the comment was last updated
Title of the comment
Description of the comment
The identifier of the vulnerability (CVE ID, GHSA-ID, PYSEC ID, etc.).
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.