Vulnerability CVE-2021-35550 - CERT Civis.Net

Vulnerability Name:

CVE-2021-35550 (CCN-211627)

Assigned:

2021-10-19

Published:

2021-10-19

Updated:

2022-09-23

Summary:

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data.
Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

CVSS v3 Severity:

5.9 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.9 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

5.9 Medium (REDHAT CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)
5.2 Medium (REDHAT Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): High Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): High Integrity (I): None Availibility (A): None

CVSS v2 Severity:

7.1 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Medium Authentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

5.4 Medium (CCN CVSS v2 Vector: AV:N/AC:H/Au:N/C:C/I:N/A:N)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): High Athentication (Au): None
Impact Metrics:	Confidentiality (C): Complete Integrity (I): None Availibility (A): None

Vulnerability Type:

CWE-noinfo
CWE-327

Vulnerability Consequences:

Obtain Information

References:

Source: MITRE
Type: CNA
CVE-2021-35550

Source: XF
Type: UNKNOWN
oracle-cpuoct2021-cve202135550(211627)

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20211109 [SECURITY] [DLA 2814-1] openjdk-8 security update

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-1cc8ffd122

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-35145352b0

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-eb3e3e87d3

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-7701833090

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-107c8c5063

Source: FEDORA
Type: Mailing List, Third Party Advisory
FEDORA-2021-9a51a6f8b1

Source: GENTOO
Type: Third Party Advisory
GLSA-202209-05

Source: CONFIRM
Type: Third Party Advisory
https://security.netapp.com/advisory/ntap-20211022-0004/

Source: DEBIAN
Type: Third Party Advisory
DSA-5000

Source: CCN
Type: IBM Security Bulletin 6522862 (Semeru Runtimes)
Multiple vulnerabilities may affect IBM Semeru Runtime

Source: CCN
Type: IBM Security Bulletin 6551876 (Cloud Pak for Security)
Cloud Pak for Security uses packages that are vulnerable to multiple CVEs

Source: CCN
Type: IBM Security Bulletin 6555376 (Cognos Command Center)
IBM Cognos Command Center is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6559262 (Java)
CVE-2021-35550 may affect IBM SDK, Java Technology Edition

Source: CCN
Type: IBM Security Bulletin 6559306 (WebSphere Application Server)
Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Application Server and IBM Application Server Liberty due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Source: CCN
Type: IBM Security Bulletin 6562359 (Integration Designer)
IBM Integration Designer is vulnerable to an attacker obtaining sensitive information (CVE-2021-35550, CVE-2021-35603) and denial of service (CVE-2021-35578)

Source: CCN
Type: IBM Security Bulletin 6564313 (Decision Optimization Center)
A vulnerability in IBM SDK, Java may affect IBM Decision Optimization Center (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6564763 (Control Center)
A vulnerability in Java SE affects IBM Control Center (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6565393 (WebSphere Service Registry and Repository)
Multiple Vulnerabilities in IBM Java SDK affect IBM WebSphere Service Registry and Repository due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Source: CCN
Type: IBM Security Bulletin 6565645 (Watson Explorer)
Multiple vulnerabilities in IBM Java Runtime affect Watson Explorer and Watson Explorer Content Analytics Studio (CVE-2021-35550, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6565647 (SPSS Collaboration and Deployment Services)
Multiple vulnerabilities in IBM Java Runtime affect SPSS Collaboration and Deployment Services

Source: CCN
Type: IBM Security Bulletin 6565659 (Rational Functional Tester)
Multiple vulnerabilities in IBM Java SDK and IBM Java Runtime affect Rational Functional Tester

Source: CCN
Type: IBM Security Bulletin 6565733 (License Metric Tool)
A vulnerability in Java affects IBM License Metric Tool v9 (CVE-2021-35550).

Source: CCN
Type: IBM Security Bulletin 6565763 (Liberty for Java)
Multiple vulnerabilities in IBM Java SDK affect Liberty for Java for IBM Cloud due to January 2022 CPU plus deferred CVE-2021-35550 and CVE-2021-35603

Source: CCN
Type: IBM Security Bulletin 6568745 (WebSphere Cast Iron)
Vulnerability in IBM Java SDK affect IBM WebSphere Cast Iron Solution & App Connect Professional

Source: CCN
Type: IBM Security Bulletin 6570363 (Rational Host On-Demand)
Vulnerability in IBM Java Runtime affects Host On-Demand

Source: CCN
Type: IBM Security Bulletin 6570915 (Data Risk Manager)
IBM Data Risk Manager is affected by multiple vulnerabilities including a remote code execution in Spring Framework (CVE-2022-22965)

Source: CCN
Type: IBM Security Bulletin 6570941 (Watson Discovery)
IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Java

Source: CCN
Type: IBM Security Bulletin 6572983 (Security Guardium)
IBM Security Guardium is affected by multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6575093 (Tivoli Monitoring)
Vulnerabilities in IBM Java included with IBM Tivoli Monitoring

Source: CCN
Type: IBM Security Bulletin 6575365 (App Connect Enterprise)
Multiple vulnerabilities in IBM Java Runtime which affects IBM Integration Bus and IBM App Connect Enterprise

Source: CCN
Type: IBM Security Bulletin 6578583 (Cloud Pak for Business Automation)
Multiple security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2022

Source: CCN
Type: IBM Security Bulletin 6578665 (InfoSphere Information Server)
Multiple vulnerabilities in IBM Java SDK (January 2022) affects IBM InfoSphere Information Server

Source: CCN
Type: IBM Security Bulletin 6582695 (Cloud Transformation Advisor)
IBM Cloud Transformation Advisor is vulnerable to multiple vulnerabilities

Source: CCN
Type: IBM Security Bulletin 6583063 (Rational Asset Analyzer)
A vulnerability in IBM SDK, Java may affect Rational Asset Analyzer (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6586700 (Secure External Authentication Server)
IBM Sterling External Authentication Server is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Source: CCN
Type: IBM Security Bulletin 6586758 (Sterling Secure Proxy)
IBM Sterling Secure Proxy is vulnerable to multiple vulnerabilities due to IBM Java Runtime

Source: CCN
Type: IBM Security Bulletin 6587409 (Tivoli Application Dependency Discovery Manager)
Due to use of IBM SDK, Java Technology Edition, IBM Tivoli Application Dependency Discovery Manager (TADDM) is vulnerable to denial of service

Source: CCN
Type: IBM Security Bulletin 6588133 (Business Automation Workflow)
Multiple vulnerabilities in IBM Java Runtime affect IBM Process Designer in IBM Business Automation Workflow and IBM Business Process Manager

Source: CCN
Type: IBM Security Bulletin 6590209 (Spectrum Control)
IBM Spectrum Control is vulnerable to multiple weaknesses related to XStream, Apache Xerces2, Jackson, OpenSSL, and Java SE

Source: CCN
Type: IBM Security Bulletin 6591077 (TS7700 virtual tape systems)
Multiple Vulnerabilities in IBM Java SDK affect IBM Virtualization Engine TS7700 - October 2021 & January 2022

Source: CCN
Type: IBM Security Bulletin 6591155 (Security SOAR)
IBM Security SOAR is using a component with multiple known vulnerabilities - IBM JDK 8.0.7.0

Source: CCN
Type: IBM Security Bulletin 6591169 (Enterprise Content Management System Monitor)
Enterprise Content Management System Monitor is affected by a vulnerability CVE-2021-35550

Source: CCN
Type: IBM Security Bulletin 6591297 (DB2 for Linux, UNIX and Windows)
Multiple vulnerabilities in Java SE that could allow an unauthenticated attacker to obtain sensitive information affect IBM Db2. (CVE-2021-35603, CVE-2021-35550, CVE-2021-2341)

Source: CCN
Type: IBM Security Bulletin 6591519 (i)
IBM Java SDK and IBM Java Runtime for IBM i are vulnerable to unauthenticated attacker obtaining sensitive information and other attacks due to multiple vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6593757 (Content Collector)
CVE-2020-14782 may affect IBM SDK, Java Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6593773 (Content Collector)
CVE-2020-14782 may affect IBM SDK, Java Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6593775 (Content Collector)
CVE-2020-14782 may affect IBM SDK, Java Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6593777 (Content Collector)
CVE-2020-14782 may affect IBM SDK, Java Technology Edition for Content Collector for Email, Content Collector for File Systems, Content Collector for Microsoft SharePoint and Content Collector for IBM Connections

Source: CCN
Type: IBM Security Bulletin 6594121 (Watson Knowledge Catalog on-prem)
A Unspecified Java Vulnerability is affecting Watson Knowledge Catalog for IBM Cloud Pak for Data (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6594861 (AIX)
Multiple vulnerabilities in IBM Java SDK affect AIX

Source: CCN
Type: IBM Security Bulletin 6595173 (CICS TX Advanced)
A vulnerability (CVE-2021-35550) in Java SE affects IBM CICS TX Advanced

Source: CCN
Type: IBM Security Bulletin 6595175 (CICS TX Standard)
A vulnerability (CVE-2021-35550) in Java SE affects IBM CICS TX Standard

Source: CCN
Type: IBM Security Bulletin 6595179 (TXSeries for Multiplatforms)
A vulnerability (CVE-2021-35550) in Java SE affects IBM TXSeries for Multiplatforms

Source: CCN
Type: IBM Security Bulletin 6595269 (z/Transaction Processing Facility)
Multiple vulnerabilities in IBM Java Runtime affect z/Transaction Processing Facility

Source: CCN
Type: IBM Security Bulletin 6595589 (Cloud Application Business Insights)
Vulnerabilities in Java affects IBM Cloud Application Business Insights - Quaterly Java update, CVE-2021-35603 and CVE-2021-35550

Source: CCN
Type: IBM Security Bulletin 6596109 (SPSS Statistics)
An Unspecified Vulnerability in Java runtime affects IBM SPSS (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6596379 (Spectrum Protect for Virtual Environments)
Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Backup-Archive Client, IBM Spectrum Protect for Space Management, and IBM Spectrum Protect for Virtual Environments (CVE-2021-35550, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6596875 (Spectrum Protect Server)
Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Server (CVE-2021-35550, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6596877 (Spectrum Protect Operations Center)
Vulnerabilities in IBM Java Runtime affect IBM Spectrum Protect Operations Center and Client Management Service (CVE-2021-35550, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6597191 (Sterling Connect:Direct File Agent)
IBM Sterling Connect:Direct File Agent is vulnerable to an unspecified vulnerability due to IBM Java Runtime (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6597231 (WebSphere Internet Pass-Thru)
IBM MQ Internet Pass-Thru is vulnerable to an issue within IBM Runtime Environment Java Technology Edition, Version 7. (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6597251 (CICS Transaction Gateway)
A vulnerability (CVE-2021-35550) in IBM Java Runtime affects CICS Transaction Gateway

Source: CCN
Type: IBM Security Bulletin 6597285 (Sterling Connect:Direct FTP+)
IBM Sterling Connect:Direct FTP+ is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6597497 (Tivoli Business Service Manager)
Vulnerability in IBM Java SDK affect IBM Tivoli Business Service Manager

Source: CCN
Type: IBM Security Bulletin 6597881 (Content Collector for SAP Applications)
CVE-2020-35550 may affect IBM SDK, Java Technology Edition for IBM Content Collector for SAP Applications

Source: CCN
Type: IBM Security Bulletin 6598349 (WebSphere eXtreme Scale)
Multiple Vulnerabilities in IBM Runtime Environment Java Technology Edition affects WebSphere eXtreme Scale

Source: CCN
Type: IBM Security Bulletin 6598361 (Rational Business Developer)
Vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Business Developer

Source: CCN
Type: IBM Security Bulletin 6598405 (Sterling Connect:Direct for Microsoft Windows)
IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to an unspecified vulnerability due to IBM Java Runtime (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6598821 (Rational Application Developer)
IBM SDK, Java Technology Edition, Security Update October 2021

Source: CCN
Type: IBM Security Bulletin 6599663 (Sterling Connect:Direct for UNIX)
IBM Sterling Connect:Direct for UNIX is vulnerable to unauthorized data access due to IBM Java (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6599711 (Tivoli Netcool/Impact)
A security vulnerability has been identified in in IBM Java SDK shipoped with IBM Tivoli Netcool Impact (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6599979 (MQ)
IBM MQ is vulnerable to multiple issues within IBM Runtime Environment Java Technology Edition, Version 8 (CVE-2021-35603, CVE-2022-21305, CVE-2022-21291, CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6602023 (Tivoli Netcool/OMNIbus)
Vulnerabilities in IBM Java Runtime affecting Tivoli Netcool/OMNIbus (Multiple CVEs)

Source: CCN
Type: IBM Security Bulletin 6602263 (Rational ClearQuest)
Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearQuest

Source: CCN
Type: IBM Security Bulletin 6602575 (MQ Appliance)
IBM MQ Appliance is affected by a Java vulnerability (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6603411 (Security Verify Governance)
IBM Java SDK Technology Edition, Oct 2021, affects IBM Security Verify Governance, Identity Manager virtual appliance component

Source: CCN
Type: IBM Security Bulletin 6605335 (DB2 Recovery Expert for Linux, UNIX and Windows)
Vulnerability in Java SE related to the JSSE component affects DB2 Recovery Expert for Linux, Unix and Windows

Source: CCN
Type: IBM Security Bulletin 6605427 (QRadar SIEM)
A vulnerability in IBM Java SDK and IBM Java Runtime affects IBM QRadar SIEM

Source: CCN
Type: IBM Security Bulletin 6605811 (Rational ClearCase)
Multiple vulnerabilities in the IBM Java Runtime affect IBM Rational ClearCase ( CVE-2021-35578, CVE-2021-35603, CVE-2021-35550, CVE-2021-35561, CVE-2022-21299 )

Source: CCN
Type: IBM Security Bulletin 6605839 (Security Verify Governance)
Multiple security vulnerabilities found in open source code that is shipped with IBM Security Verify Governance, Identity Manager virtual appliance component

Source: CCN
Type: IBM Security Bulletin 6606307 (Cloud Pak for Multicloud Management)
IBM Cloud Pak for Multicloud Management Monitoring is vulnerable to information leakage due to its use of Java (CVE-2022-35550)

Source: CCN
Type: IBM Security Bulletin 6607001 (Cloud Pak for Security)
Java SE as used by IBM Cloud Pak For Security is vulnerable to information disclosure and denial of service.

Source: CCN
Type: IBM Security Bulletin 6608582 (DataPower Gateway)
IBM DataPower Gateway may use weaker security than expected (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6608612 (Rational Performance Tester)
A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Performance Tester (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6608614 (Rational Service Tester)
A vulnerability in IBM Java SDK and IBM Java Runtime affects Rational Service Tester (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6610076 (Security Identity Manager Virtual Appliance)
Vulnerabilities in IBM Java SDK Technology Edition, Oct 2021 affects IBM Security Identity Manager Virtual Appliance (CVE-2021-35603, CVE-2021-35550, CVE-2021-35578)

Source: CCN
Type: IBM Security Bulletin 6611159 (Event Streams)
Vulnerabilities in the Java JDK affect IBM Event Streams (CVE-2021-35550, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6614809 (Security Identity Governance and Intelligence)
IBM Security Identity Governance and Intelligence is vulnerable to sensitive information exposure (CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6616545 (Netcool Operations Insight)
Netcool Operations Insight v1.6.5 contains fixes for multiple security vulnerabilities.

Source: CCN
Type: IBM Security Bulletin 6618731 (Intelligent Operations Center)
A vulnerabilities have been identified in IBM Java 8 which is shipped with IBM Intelligent Operations Center(CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6622019 (Spectrum Virtualize software)
Vulnerabilities in IBM Java affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products

Source: CCN
Type: IBM Security Bulletin 6825511 (Rational Synergy)
Multiple Vulnerabilities in Rational Synergy 7.2.2.4

Source: CCN
Type: IBM Security Bulletin 6829075 (Cloud APM)
IBM Performance Management is affected by multiple vulnerabilities in IBM Java SDK (CVE-2021-35578, CVE-2021-35550, and CVE-2022-21496)

Source: CCN
Type: IBM Security Bulletin 6832958 (FlashSystem V9000)
Vulnerabilities in IBM Java affect IBM FlashSystem models V840 and V900

Source: CCN
Type: IBM Security Bulletin 6837345 (PureData System for Operational Analytics)
IBM SDK, Java Technology Edition Quarterly CPU - January 2019 through July 2022 affects AIX LPARs in IBM PureData System for Operational Analytics

Source: CCN
Type: IBM Security Bulletin 6842113 (Operations Analytics Predictive Insights)
Multiple vulnerabilities in IBM SDK, Java Technology Edition affect IBM Operations Analytics Predictive Insights

Source: CCN
Type: IBM Security Bulletin 6848847 (Rational Directory Server)
Multiple vulnerabilities in IBM Java Runtime affect Rational Directory Server (Tivoli) & Rational Directory Administrator

Source: CCN
Type: IBM Security Bulletin 6852695 (Security Verify Governance)
IBM Security Verify Governance is vulnerable to unauthenticated access resulting in various threats (CVE-2021-35550, CVE-2021-2163, CVE-2021-35603)

Source: CCN
Type: IBM Security Bulletin 6966320 (Cloud Pak System Software Suite)
Multiple Vulnerabilities in IBM Java SDK affect IBM Cloud Pak System

Source: CCN
Type: IBM Security Bulletin 6985007 (Rational Build Forge)
IBM Rational Build Forge is vulnerable and could allow attacker to obtain sensitive information due to the use of JSSE component(CVE-2021-35550)

Source: CCN
Type: IBM Security Bulletin 6997585 (Security Directory Server)
Multiple Security Vulnerabilities have been fixed in the IBM Directory Server and IBM Directory Suite products (CVE-2022-21496, CVE-2021-35550, CVE-2021-2163, CVE-2021-35603)

Source: CCN
Type: Oracle CPUOct2021
Oracle Critical Patch Update Advisory - October 2021

Source: MISC
Type: Patch, Vendor Advisory
https://www.oracle.com/security-alerts/cpuoct2021.html

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2021-35550

Vulnerable Configuration:

Configuration 1:

cpe:/a:oracle:openjdk:11.0.12:*:*:*:*:*:*:*

OR cpe:/a:oracle:openjdk:8:update301:*:*:*:*:*:*

OR cpe:/a:oracle:openjdk:7:update311:*:*:*:*:*:*

OR cpe:/a:oracle:graalvm:20.3.3:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:21.2.0:*:*:*:enterprise:*:*:*

Configuration 2:

cpe:/a:netapp:snapmanager:-:*:*:*:*:oracle:*:*

OR cpe:/a:netapp:snapmanager:-:*:*:*:*:sap:*:*

OR cpe:/a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_storage_manager:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_os_controller:*:*:*:*:*:*:*:* (Version >= 11.0.0 and <= 11.50.2)

OR cpe:/a:netapp:solidfire:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:hci_management_node:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*

OR cpe:/a:netapp:santricity_unified_manager:-:*:*:*:*:*:*:*

OR cpe:/a:netapp:e-series_santricity_web_services:-:*:*:*:*:web_services_proxy:*:*

OR cpe:/a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*

Configuration 3:

cpe:/o:fedoraproject:fedora:33:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:34:*:*:*:*:*:*:*

OR cpe:/o:fedoraproject:fedora:35:*:*:*:*:*:*:*

Configuration 4:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:10.0:*:*:*:*:*:*:*

OR cpe:/o:debian:debian_linux:11.0:*:*:*:*:*:*:*

Configuration RedHat 1:

cpe:/a:redhat:enterprise_linux:8:*:*:*:*:*:*:*

Configuration RedHat 2:

cpe:/a:redhat:enterprise_linux:8::supplementary:*:*:*:*:*

Configuration CCN 1:

cpe:/a:oracle:graalvm:20.3.3:*:*:*:enterprise:*:*:*

OR cpe:/a:oracle:graalvm:21.2.0:*:*:*:enterprise:*:*:*

AND

cpe:/a:ibm:websphere_application_server:7.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_server:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_service_registry_and_repository:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.5:*:*:*:*:linux:*:*

OR cpe:/a:ibm:db2:10.5:*:*:*:*:unix:*:*

OR cpe:/a:ibm:db2:10.5:*:*:*:*:windows:*:*

OR cpe:/o:ibm:i:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_service_registry_and_repository:8.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:10.1:*:*:*:*:linux:*:*

OR cpe:/a:ibm:db2:10.1:*:*:*:*:unix:*:*

OR cpe:/a:ibm:db2:10.1:*:*:*:*:windows:*:*

OR cpe:/a:ibm:db2:9.7:*:*:*:*:linux:*:*

OR cpe:/a:ibm:db2:9.7:*:*:*:*:unix:*:*

OR cpe:/a:ibm:db2:9.7:*:*:*:*:windows:*:*

OR cpe:/a:ibm:sterling_connect:direct_ftp+:1.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_netcool/impact:7.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_netcool/omnibus:8.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:4.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:txseries:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:license_metric_tool:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.5:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_designer:8.5.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:11.1:*:*:*:*:linux:*:*

OR cpe:/a:ibm:db2:11.1:*:*:*:*:unix:*:*

OR cpe:/a:ibm:db2:11.1:*:*:*:*:windows:*:*

OR cpe:/a:ibm:watson_explorer:11.0.1:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_application_server:9.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:mq:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:11.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.1.1.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:operations_analytics_predictive_insights:1.3.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:operations_analytics_predictive_insights:1.3.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:operations_analytics_predictive_insights:1.3.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:decision_optimization_center:3.9.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearquest:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearcase:9.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.1.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:infosphere_information_server:11.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:18.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:content_collector:4.0.0.2:*:*:*:sap_applications:*:*:*

OR cpe:/a:ibm:tivoli_monitoring:6.3.0.7:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_host_on-demand:13.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_connect:direct:4.3.0:*:*:*:unix:*:*:*

OR cpe:/a:ibm:app_connect:11.0.0.0:*:*:*:enterprise:*:*:*

OR cpe:/a:ibm:integration_bus:10.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:websphere_cast_iron:7.5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:7.5.2.0:*:*:*:professional:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:2018.4.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_virtualize_software:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_secure_proxy:3.4.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:10.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:cognos_command_center:10.2.4.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:tivoli_business_service_manager:6.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_functional_tester:9.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.1.0.6:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect:7.5.3.0:*:*:*:professional:*:*:*

OR cpe:/a:ibm:java:7.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:7.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:java:8.0.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_directory_server:6.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:vios:3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_for_virtual_environments:8.1.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_discovery:2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_directory_administrator:6.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_transformation_advisor:2.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_process_manager:8.5.7.2017.06:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:decision_optimization_center:3.9.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:decision_optimization_center:3.9:*:*:*:*:*:*:*

OR cpe:/a:ibm:txseries:9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:watson_explorer:12.0.3:*:deep_analytics:*:analytical_components:*:*:*

OR cpe:/a:ibm:tivoli_application_dependency_discovery_manager:7.3.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_statistics:25.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_statistics:26.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_business_developer:9.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_host_on-demand:14.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:decision_optimization_center:3.9.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:8.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:spss_collaboration_and_deployment_services:7.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:control_center:6.1.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_identity_governance_and_intelligence:5.2.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_server:8.1.0.000:*:*:*:*:*:*:*

OR cpe:/a:ibm:spectrum_protect_operations_center:8.1.0.000:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearquest:9.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_clearquest:9.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_identity_manager_virtual_appliance:7.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_asset_analyzer:6.1.0.23:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_external_authentication_server:2.4.3.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:intelligent_operations_center:5.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2:11.5:*:*:*:*:linux:*:*

OR cpe:/a:ibm:db2:11.5:*:*:*:*:unix:*:*

OR cpe:/a:ibm:db2:11.5:*:*:*:*:windows:*:*

OR cpe:/a:ibm:content_collector:4.0.0.3:*:*:*:sap_applications:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.0.0.6:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.1.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.1.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.2.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_identity_manager_virtual_appliance:7.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.4.0:-:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:8.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.0.0.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_transaction_gateway:9.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_service_tester:9.5:*:*:*:soa_quality:*:*:*

OR cpe:/a:ibm:cloud_application_business_insights:1.1.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_application_business_insights:1.1.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:control_center:6.2.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_application_business_insights:1.1.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_designer:20.0.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:integration_designer:20.0.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:rational_application_developer:9.6:*:*:*:websphere:*:*:*

OR cpe:/a:ibm:watson_discovery:2.2.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:*:*:*:linux:*:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:*:*:*:linux:*:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:*:*:*:linux:*:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:if1:*:*:*:linux:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:if1:*:*:*:unix:*:*

OR cpe:/a:ibm:db2_recovery_expert:5.5.0.1:if1:*:*:*:windows:*:*

OR cpe:/a:ibm:security_guardium:11.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise:12.0.1.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_security:1.7.2.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:event_streams:10.3.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:security_guardium:11.4:*:*:*:*:*:*:*

OR cpe:/a:ibm:sterling_secure_proxy:6.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:secure_external_authentication_server:6.0.3:*:*:*:*:*:*:*

OR cpe:/o:ibm:aix:7.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:business_automation_workflow:21.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:qradar_security_information_and_event_manager:7.5.0:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:18.0.2:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:19.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.1:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:20.0.3:*:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.1:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.2:-:*:*:*:*:*:*

OR cpe:/a:ibm:cloud_pak_for_business_automation:21.0.3:-:*:*:*:*:*:*

OR cpe:/a:ibm:app_connect_enterprise:12.0.4.0:*:*:*:*:*:*:*

OR cpe:/a:ibm:datapower_gateway:10.0.4.0:*:*:*:*:*:*:*

OR cpe:/o:ibm:i:7.5:*:*:*:*:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:standard:*:*:*

OR cpe:/a:ibm:cics_tx:11.1:*:*:*:advanced:*:*:*

OR cpe:/a:ibm:security_verify_governance:10.0:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:7492	P	expat-2.4.4-150400.3.12.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:8080	P	java-1_8_0-openjdk-1.8.0.362-150000.3.76.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7448	P	bcm43xx-firmware-20180314-150400.28.5 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:7535	P	java-11-openjdk-11.0.19.0-150000.3.96.1 on GA media (Moderate)	2023-06-12
oval:org.opensuse.security:def:51987	P	Security update for samba (Important)	2023-01-26
oval:org.opensuse.security:def:51986	P	Security update for python-setuptools (Moderate)	2023-01-26
oval:org.opensuse.security:def:3711	P	Security update for go1.17 (Important)	2022-08-04
oval:org.opensuse.security:def:95429	P	Security update for ntfs-3g_ntfsprogs (Important) (in QA)	2022-08-03
oval:org.opensuse.security:def:3525	P	ibus-1.5.13-15.11.2 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:3438	P	augeas-1.10.1-2.6 on GA media (Moderate)	2022-06-28
oval:org.opensuse.security:def:95068	P	java-1_8_0-openjdk-1.8.0.322-3.64.2 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:2956	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94637	P	libgcrypt-devel-1.9.4-150400.4.6 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:94586	P	java-11-openjdk-11.0.15.0-150000.3.80.1 on GA media (Moderate)	2022-06-22
oval:org.opensuse.security:def:102142	P	Security update for python (Moderate)	2022-04-01
oval:org.opensuse.security:def:99765	P	(Important)	2022-03-23
oval:com.redhat.rhsa:def:20220970	P	RHSA-2022:0970: java-1.8.0-ibm security update (Moderate)	2022-03-21
oval:org.opensuse.security:def:99762	P	(Important)	2022-03-15
oval:org.opensuse.security:def:102157	P	Security update for the Linux RT Kernel (Critical)	2022-02-21
oval:org.opensuse.security:def:100076	P	(Critical)	2022-02-11
oval:org.opensuse.security:def:100073	P	(Important)	2022-02-04
oval:org.opensuse.security:def:112468	P	java-1_8_0-openjdk-1.8.0.312-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:112456	P	java-11-openjdk-11.0.13.0-1.1 on GA media (Moderate)	2022-01-17
oval:org.opensuse.security:def:99169	P	(Moderate)	2021-12-06
oval:org.opensuse.security:def:126799	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:60421	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:31312	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:58872	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:86174	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:32228	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:59826	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:87513	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:23714	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:55976	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:83360	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:33745	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:88540	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:29451	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:57135	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:84242	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:125632	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:89481	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:30273	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:58051	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:85776	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:51702	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:127196	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:31710	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:59568	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:86692	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:55274	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:34598	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:82658	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:33049	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:111139	P	Security update for java-1_8_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:88223	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:23999	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:56096	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:83480	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:34003	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:89223	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:30153	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:57533	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:84700	P	Security update for java-1_7_0-openjdk (Important)	2021-11-24
oval:org.opensuse.security:def:106742	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:76394	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:83359	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:33744	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:9617	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:88539	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:29450	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:57134	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:69956	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:108823	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:5896	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:84241	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:76053	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:99566	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:125631	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:10176	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:89480	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:30272	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:58050	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:70507	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:6461	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:85775	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:51701	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:67326	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:127195	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:106057	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:31709	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:59567	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:92417	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:86691	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:108967	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:55273	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:106455	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:34597	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:66985	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:82657	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:33048	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:92815	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:9422	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:88222	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:1225	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:23998	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:6487	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:56095	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:69757	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:67550	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:83479	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:34002	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:95444	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:99367	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:117890	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:111794	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:9816	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:89222	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:30152	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:57532	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:70316	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:101885	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:84699	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:102301	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:126798	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:10367	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:60420	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:31311	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:58871	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:86173	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:67576	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:106256	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:95588	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:32227	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:59825	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:92616	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:87512	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:23713	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:6237	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:55975	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:69562	P	Security update for java-1_8_0-openjdk (Important)	2021-11-23
oval:org.opensuse.security:def:111134	P	Security update for java-11-openjdk (Important)	2021-11-17
oval:org.opensuse.security:def:67318	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:106054	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:73736	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:92414	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:100680	P	(Important)	2021-11-16
oval:org.opensuse.security:def:68537	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:102150	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:106452	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:66978	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:95873	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:92812	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:94197	P	(Important)	2021-11-16
oval:org.opensuse.security:def:9419	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:810	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:69754	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:108016	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:73922	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:64614	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:95437	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:99364	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:117530	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:111786	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:9813	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:8672	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:70313	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:101541	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:68581	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:105664	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:10364	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:94408	P	(Important)	2021-11-16
oval:org.opensuse.security:def:92024	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:100015	P	(Important)	2021-11-16
oval:org.opensuse.security:def:101350	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:106253	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:64800	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:92613	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:93771	P	(Important)	2021-11-16
oval:org.opensuse.security:def:8863	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:109252	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:6229	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:69559	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:106739	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:76386	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:105859	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:98974	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:9614	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:92219	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:1491	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:69953	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:100351	P	(Important)	2021-11-16
oval:org.opensuse.security:def:108816	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:5889	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:76046	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:99563	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:118337	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:10173	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:93985	P	(Important)	2021-11-16
oval:org.opensuse.security:def:9058	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:70504	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:102071	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:102586	P	Security update for java-11-openjdk (Important)	2021-11-16
oval:org.opensuse.security:def:111125	P	Security update for java-1_8_0-openj9 (Important)	2021-11-06
oval:org.opensuse.security:def:111774	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:6218	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:76375	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:108808	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:5881	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:76038	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:67307	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:66970	P	Security update for java-1_8_0-openj9 (Important)	2021-11-04
oval:org.opensuse.security:def:34579	P	Security update for java-11-openjdk (Important)	2021-10-27
oval:org.opensuse.security:def:60402	P	Security update for java-11-openjdk (Important)	2021-10-27
oval:com.redhat.rhsa:def:20213889	P	RHSA-2021:3889: java-1.8.0-openjdk security and bug fix update (Important)	2021-10-20
oval:com.redhat.rhsa:def:20213891	P	RHSA-2021:3891: java-11-openjdk security update (Important)	2021-10-20
oval:com.redhat.rhsa:def:20213892	P	RHSA-2021:3892: java-11-openjdk security and bug fix update (Important)	2021-10-20
oval:com.redhat.rhsa:def:20213893	P	RHSA-2021:3893: java-1.8.0-openjdk security and bug fix update (Important)	2021-10-20