Vulnerability CVE-2021-2388 - CERT Civis.Net

Vulnerability Name:

CVE-2021-2388 (CCN-205815)

Assigned:

2020-12-09

Published:

2021-07-20

Updated:

2022-09-23

Summary:

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Oracle GraalVM Enterprise Edition.
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

7.5 High (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H)
6.5 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): Required
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): High Availibility (A): High

CVSS v2 Severity:

5.1 Medium (CVSS v2 Vector: AV:N/AC:H/Au:N/C:P/I:P/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Authentication (Au): None
Impact Metrics:	Confidentiality (C): Partial Integrity (I): Partial Availibility (A): Partial

7.1 High (CCN CVSS v2 Vector: AV:N/AC:H/Au:S/C:C/I:C/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): Complete Integrity (I): Complete Availibility (A): Complete

Vulnerability Type:

CWE-noinfo
CWE-697

Vulnerability Consequences:

Other

References:

Source: MITRE
Type: CNA
CVE-2021-2388

Source: XF
Type: UNKNOWN
oracle-cpujul2021-cve20212388(205815)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210809 [SECURITY] [DLA 2737-1] openjdk-8 security update

Source: GENTOO
Type: Third Party Advisory
GLSA-202209-05

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20210723-0002/

Source: DEBIAN
Type: Third Party Advisory
DSA-4946

Source: CCN
Type: IBM Security Bulletin 6482173 (Java)
Multiple vulnerabilities may affect IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 6482283 (WebSphere Application Server Patterns)
Multiple vulnerabilities in IBM Java SDK affects WebSphere Application Server July 2021 CPU that is bundled with IBM WebSphere Application Server Patterns

Source: CCN
Type: IBM Security Bulletin 6487067 (Liberty for Java)
Multiple security vulnerabilities affect Liberty for Java for IBM Cloud

Source: CCN
Type: IBM Security Bulletin 6488937 (Rational Publishing Engine)
Security Vulnerabilities in IBM Java SDK July 2021 CPU affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Source: CCN
Type: IBM Security Bulletin 6489423 (CICS Transaction Gateway for Multiplatforms)
September 2021 :Multiple vulnerabilities in IBM Java Runtime affect CICS Transaction Gateway

Source: CCN
Type: IBM Security Bulletin 6489477 (AIX)
Multiple vulnerabilities in IBM Java SDK affect AIX

Source: CCN
Type: IBM Security Bulletin 6491135 (WIoTP MessageGateway)
Multiple vulnerabilities in IBM Java Runtime affect IBM MessageGateway

Source: CCN
Type: IBM Security Bulletin 6491697 (DataQuant for z/OS)
IBM SDK, Java Tech Edition Quarterly CPU Jul 2021 - Includes Oracle Jul 2021 CPU (minus CVE-2021-2341)

Source: CCN
Type: IBM Security Bulletin 6491795 (DB2 Query Management Facility)
IBM SDK, Java Tech Edition Quarterly CPU Jul 2021 - Includes Oracle Jul 2021 CPU (minus CVE-2021-2341)

Source: CCN
Type: IBM Security Bulletin 6493275 (Kenexa LMS on premise)
IBM Kenexa LMS On Premise -IBM SDK, Java Technology Edition Quarterly CPU - Jul 2021 - Includes Oracle Jul 2021 CPU (minus CVE-2021-2341)

Source: CCN
Type: IBM Security Bulletin 6493703 (Rational Functional Tester)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Source: CCN
Type: IBM Security Bulletin 6493729 (Cloud Pak for Security)
Cloud Pak for Security is vulnerable to several CVEs

Source: CCN
Type: IBM Security Bulletin 6493847 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is affected by multiple IBM Java Runtime vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6495391 (Event Streams)
IBM Event Streams is affected by multiple vulnerabilities in the Java runtime

Source: CCN
Type: IBM Security Bulletin 6497287 (Tivoli Application Dependency Discovery Manager)
IBM SDK, Java Technology Edition Quarterly CPU - Jul 2021 - Includes Oracle Jul 2021 CPU

Source: CCN
Type: IBM Security Bulletin 6497499 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6509706 (Compare and Comply)
Multiple vulnerabilities may affect IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 6510052 (Tivoli Composite Application Manager for Transactions)
IBM SDK, Java Technology Edition Quarterly CPU - July 2021 - Includes Oracle July 2021 CPU minus CVE-2021-2341 affects IBM Tivoli Composite Application Manager for Transactions-Robotic Response Time

Source: CCN
Type: IBM Security Bulletin 6510172 (Application Discovery and Delivery Intelligence)
Vulnerabilities in IBM Java SDK affecting IBM Application Discovery and Delivery Intelligence V5.1.0.7

Source: CCN
Type: IBM Security Bulletin 6514445 (Tivoli Netcool/Impact)
A vulnerability in IBM Java SDK affects IBM Tivoli Netcool Impact (CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)

Source: CCN
Type: IBM Security Bulletin 6514787 (Rational Business Developer)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Business Developer

Source: CCN
Type: IBM Security Bulletin 6514823 (Tivoli Monitoring)
Vulnerabilities in IBM Java included with IBM Tivoli Monitoring

Source: CCN
Type: IBM Security Bulletin 6515118 (Connect:Direct Web Services)
Multiple Vulnerabilities in IBM Java Runtime Affect IBM Connect:Direct Web Services

Source: CCN
Type: IBM Security Bulletin 6515120 (Sterling Connect:Direct Browser)
Multiple Vulnerabilities in IBM Sterling Connect:Direct Browser User Interface

Source: CCN
Type: IBM Security Bulletin 6516646 (WebSphere Cast Iron)
Multiple vulnerabilities in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Source: CCN
Type: IBM Security Bulletin 6517670 (MQ)
IBM MQ is vulnerable to multiple issues within the IBM Runtime Environment Java Technology Edition, Versions 7 and 8 shipped with IBM MQ (CVE-2021-2432, CVE-2021-2388)

Source: CCN
Type: IBM Security Bulletin 6524704 (Planning Analytics)
IBM Planning Analytics and IBM Planning Analytics Workspace are affected by security vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6541298 (Cloud Pak for Automation)
Multiple security vulnerabilities fixed in Cloud Pak for Automation components

Source: CCN
Type: IBM Security Bulletin 6541332 (Rational Build Forge)
IBM Rational Build Forge 8.0.x is affected by Java version used in it.(CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)

Source: CCN
Type: IBM Security Bulletin 6554576 (Security Directory Server Virtual Appliance)
Multiple security vulnerabilities have been identified in IBM Java SDK that affect IBM Security Directory Suite - July 2021 CPU

Source: CCN
Type: IBM Security Bulletin 6556908 (Security Directory Server)
Multiple vulnerabilities in IBM Java SDK affect IBM Security Directory Server

Source: CCN
Type: IBM Security Bulletin 6574461 (Cloud Private)
Security Vulnerabilities affect IBM Cloud Private - Java (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 6574787 (QRadar SIEM)
IBM QRadar SIEM is vulnerable to using components with Known Vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6597615 (Watson Knowledge Catalog on-prem)
Multiple Vulnerabilities in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Source: CCN
Type: IBM Security Bulletin 6616545 (Netcool Operations Insight)
Netcool Operations Insight v1.6.5 contains fixes for multiple security vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6619065 (Intelligent Operations Center)
Multiple vulnerabilities found in IBM MQ and Java 8 which is shipped with IBM Intelligent Operations Center(CVE-2021-2388, CVE-2021-2369, CVE-2021-2432)

Source: CCN
Type: IBM Security Bulletin 6841803 (Cognos Controller)
IBM Cognos Controller has addressed multiple vulnerabilities

Source: CCN
Type: Oracle CPUJul2021
Oracle Critical Patch Update Advisory - July 2021

Source: MISC
Type: Vendor Advisory
https://www.oracle.com/security-alerts/cpujul2021.html

Source: MISC
Type: Patch, Vendor Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:graalvm:20.3.2:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:21.1.0:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:jdk:1.8.0:update291:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:11.0.11:*:*:*:*:*:*:*

OR cpe:/a:oracle:jdk:16.0.1:*:*:*:*:*:*:*

Configuration 2:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::appstream:*:*:*:*:*

Configuration RedHat 3:

cpe:/a:redhat:enterprise_linux:8::crb:*:*:*:*:*

Configuration RedHat 4:

cpe:/o:redhat:enterprise_linux:7:*:*:*:*:*:*:*

Configuration RedHat 5:

cpe:/o:redhat:enterprise_linux:7::client:*:*:*:*:*

Configuration RedHat 6:

cpe:/o:redhat:enterprise_linux:7::computenode:*:*:*:*:*

Configuration RedHat 7:

cpe:/o:redhat:enterprise_linux:7::server:*:*:*:*:*

Configuration RedHat 8:

cpe:/o:redhat:enterprise_linux:7::workstation:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:java_se:8u291:*:*:*:*:*:*:*

AND

cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_build_forge:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:11.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:1.0.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server_patterns:2.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron:7.5.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron:7.5.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron:7.5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:7.5.2.0:*:*:*:professional:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:11.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:12.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:12.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_controller:10.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:7.5.3.0:*:*:*:professional:*:*:*

OR cpe:/a:ibm:mq:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:8.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq:9.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq:9.1.0:*:*:*:continuous_delivery:*:*:*

OR cpe:/a:ibm:cognos_controller:10.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:iot_messagesight:5.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:dataquant:2.1:*:*:*:z/os:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.1:cd:*:*:*:*:*:*

OR cpe:/a:ibm:data_risk_manager:2.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_publishing_engine:7.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_query_management_facility:11.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_private:3.2.2:cd:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_composite_application_manager:7.4.0:*:*:*:transactions:*:*:*

OR cpe:/a:ibm:iot_messagesight:2.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_controller:10.4.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq:9.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:2019.4.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:11.0.9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.0.10.85:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.1.4.85:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:8.0.6.30:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics:2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:planning_analytics_workspace:2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7437	P	arm-trusted-firmware-2.6-150400.4.7 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7535	P	java-11-openjdk-11.0.19.0-150000.3.96.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7481	P	dhcp-4.3.6.P1-150000.6.17.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8080	P	java-1_8_0-openjdk-1.8.0.362-150000.3.76.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51941	P	Security update for curl (Important)	2022-10-26
oval:org.opensuse.security:def:771	P	Security update for go1.19 (Important)	2022-09-21
oval:org.opensuse.security:def:6142	P	Security update for p11-kit (Moderate)	2022-08-23
oval:org.opensuse.security:def:95429	P	Security update for ntfs-3g_ntfsprogs (Important) (in QA)	2022-08-03
oval:org.opensuse.security:def:95376	P	Security update for gimp (Moderate)	2022-08-01
oval:org.opensuse.security:def:3481	P	elfutils-0.158-7.7.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3438	P	augeas-1.10.1-2.6 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3672	P	libsmi-0.4.8-18.55 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:94586	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:95068	P	java-1_8_0-openjdk-1.8.0.322-3.64.2 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2956	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94593	P	krb5-1.19.2-150400.1.9 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:93137	P	(Important)	2022-05-17
oval:org.opensuse.security:def:102089	P	Security update for SDL (Important)	2022-04-20
oval:org.opensuse.security:def:95360	P	Security update for SDL2 (Important)	2022-04-14
oval:org.opensuse.security:def:93290	P	(Important)	2022-04-12
oval:org.opensuse.security:def:102142	P	Security update for python (Moderate)	2022-04-01
oval:org.opensuse.security:def:6164	P	Security update for expat (Important)	2022-02-18
oval:org.opensuse.security:def:99736	P	(Moderate)	2022-01-20
oval:org.opensuse.security:def:112461	P	java-16-openjdk-16.0.2.0-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112455	P	java-11-openjdk-11.0.12.0-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112467	P	java-1_8_0-openjdk-1.8.0.302-2.2 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112457	P	java-13-openjdk-13.0.8.0-3.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112459	P	java-15-openjdk-15.0.4.0-2.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:38173	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:40312	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:44742	P	Security update for java-1_7_1-ibm (Moderate) (in QA)	2022-01-04
oval:org.opensuse.security:def:100033	P	(Important)	2021-12-17
oval:org.opensuse.security:def:93277	P	(Moderate)	2021-12-06
oval:org.opensuse.security:def:102073	P	Security update for postgresql14 (Important)	2021-11-22
oval:org.opensuse.security:def:111125	P	Security update for java-1_8_0-openj9 (Important)	2021-11-06
oval:org.opensuse.security:def:111774	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:108808	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:6218	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:76375	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:5881	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:76038	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:67307	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:66970	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:105962	P	java-16-openjdk-16.0.2.0-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105959	P	java-11-openjdk-11.0.12.0-3.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105966	P	java-1_8_0-openjdk-1.8.0.302-2.2 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105960	P	java-13-openjdk-13.0.8.0-3.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:105961	P	java-15-openjdk-15.0.4.0-2.1 on GA media (Moderate)	2021-10-01
oval:org.opensuse.security:def:99144	P	(Critical)	2021-09-20
oval:org.opensuse.security:def:102293	P	Security update for haproxy (Moderate)	2021-09-07
oval:org.opensuse.security:def:111046	P	Security update for java-11-openjdk (Important)	2021-09-07
oval:org.opensuse.security:def:8651	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:92786	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:91999	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:69728	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:1480	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:100326	P	(Important)	2021-09-03
oval:org.opensuse.security:def:109241	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:9397	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:64761	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:101306	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:99338	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:70291	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:93974	P	(Important)	2021-09-03
oval:org.opensuse.security:def:102060	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:9787	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:108755	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:8838	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:92194	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:98949	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:76321	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:10338	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:95862	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:100655	P	(Important)	2021-09-03
oval:org.opensuse.security:def:92587	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:118326	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:5828	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:94186	P	(Important)	2021-09-03
oval:org.opensuse.security:def:75985	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:69537	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:67253	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:102575	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:9033	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:92984	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:69927	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:73692	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:68526	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:101502	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:9588	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:66917	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:107972	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:99537	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:111703	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:70478	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:94397	P	(Important)	2021-09-03
oval:org.opensuse.security:def:10151	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:99990	P	(Important)	2021-09-03
oval:org.opensuse.security:def:64570	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:100046	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:92388	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:117486	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:93760	P	(Important)	2021-09-03
oval:org.opensuse.security:def:73883	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:68570	P	Security update for java-11-openjdk (Important)	2021-09-03
oval:org.opensuse.security:def:111019	P	Security update for java-1_8_0-openjdk (Important)	2021-08-21
oval:org.opensuse.security:def:108739	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:59782	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:99723	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:126755	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:55937	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:89437	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:76299	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:85711	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:30234	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:10325	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:67542	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:95580	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:6477	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:57987	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:92574	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:117882	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:5812	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:51635	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:88174	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:32982	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:75969	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:69526	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:83441	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:23953	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:67231	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:92971	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:127152	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:56057	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:34512	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:69914	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:86132	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31247	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:67566	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:9575	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:66901	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:58805	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:99524	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:111678	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:70465	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:88488	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:33701	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:84195	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:29410	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:10140	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:60335	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:57070	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:92375	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:5834	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:86628	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:31668	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:82617	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:59524	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:92773	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:125586	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:55233	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:89179	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:33959	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:69715	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:84653	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:1215	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:30114	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:108959	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:9386	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:93124	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:6453	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:57491	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:99325	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:70280	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:87446	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:32164	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:83321	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:101875	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:23647	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:9774	P	Security update for java-1_8_0-openjdk (Important)	2021-08-20
oval:org.opensuse.security:def:34497	P	Security update for java-11-openjdk (Important)	2021-08-05
oval:org.opensuse.security:def:60320	P	Security update for java-11-openjdk (Important)	2021-08-05
oval:com.redhat.rhsa:def:20212776	P	RHSA-2021:2776: java-1.8.0-openjdk security update (Important)	2021-07-21
oval:com.redhat.rhsa:def:20212781	P	RHSA-2021:2781: java-11-openjdk security update (Important)	2021-07-21
oval:com.redhat.rhsa:def:20212784	P	RHSA-2021:2784: java-11-openjdk security update (Important)	2021-07-21
oval:com.redhat.rhsa:def:20212845	P	RHSA-2021:2845: java-1.8.0-openjdk security and bug fix update (Important)	2021-07-21