Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/149622?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/149622?format=api", "purl": "pkg:rpm/redhat/java-1.8.0-oracle@1:1.8.0.161-1jpp.2?arch=el7", "type": "rpm", "namespace": "redhat", "name": "java-1.8.0-oracle", "version": "1:1.8.0.161-1jpp.2", "qualifiers": { "arch": "el7" }, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": null, "latest_non_vulnerable_version": null, "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96674?format=api", "vulnerability_id": "VCID-2uk7-3qhm-p7c2", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.32312", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00132", "scoring_system": "epss", "scoring_elements": "0.3224", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102625", "reference_id": "102625", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "http://www.securityfocus.com/bid/102625" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553", "reference_id": "1534553", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534553" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2603" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-2uk7-3qhm-p7c2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96687?format=api", "vulnerability_id": "VCID-3u4e-yubc-dqc9", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2677.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2677.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26388", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00095", "scoring_system": "epss", "scoring_elements": "0.26285", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102656", "reference_id": "102656", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "http://www.securityfocus.com/bid/102656" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288", "reference_id": "1534288", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534288" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2677" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-3u4e-yubc-dqc9" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96672?format=api", "vulnerability_id": "VCID-618c-5fh4-cyem", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25674", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25573", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102633", "reference_id": "102633", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "http://www.securityfocus.com/bid/102633" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543", "reference_id": "1534543", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534543" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2599" ], "risk_score": 2.1, "exploitability": "0.5", "weighted_severity": "4.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-618c-5fh4-cyem" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96679?format=api", "vulnerability_id": "VCID-6adn-6y1g-27gx", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0052", "scoring_system": "epss", "scoring_elements": "0.67231", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0052", "scoring_system": "epss", "scoring_elements": "0.6719", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "8.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102557", "reference_id": "102557", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "http://www.securityfocus.com/bid/102557" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036", "reference_id": "1535036", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535036" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2633" ], "risk_score": 3.8, "exploitability": "0.5", "weighted_severity": "7.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6adn-6y1g-27gx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96675?format=api", "vulnerability_id": "VCID-6hfj-cb81-5kf4", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36707", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0016", "scoring_system": "epss", "scoring_elements": "0.36614", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.9", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102612", "reference_id": "102612", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "http://www.securityfocus.com/bid/102612" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762", "reference_id": "1534762", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534762" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2618" ], "risk_score": 2.6, "exploitability": "0.5", "weighted_severity": "5.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6hfj-cb81-5kf4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96673?format=api", "vulnerability_id": "VCID-8bxh-b9sc-2bdx", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25507", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00089", "scoring_system": "epss", "scoring_elements": "0.25411", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102642", "reference_id": "102642", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "http://www.securityfocus.com/bid/102642" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525", "reference_id": "1534525", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534525" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2602" ], "risk_score": 2.0, "exploitability": "0.5", "weighted_severity": "4.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-8bxh-b9sc-2bdx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96686?format=api", "vulnerability_id": "VCID-9su1-k7jd-83c8", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25609", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25509", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102662", "reference_id": "102662", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "http://www.securityfocus.com/bid/102662" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296", "reference_id": "1534296", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534296" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2663" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-9su1-k7jd-83c8" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96671?format=api", "vulnerability_id": "VCID-chu6-fpwh-63bj", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.65356", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00478", "scoring_system": "epss", "scoring_elements": "0.65315", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102661", "reference_id": "102661", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "http://www.securityfocus.com/bid/102661" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299", "reference_id": "1534299", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534299" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2588" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-chu6-fpwh-63bj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96677?format=api", "vulnerability_id": "VCID-csbm-qcz5-23eq", "summary": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2627", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.65148", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00475", "scoring_system": "epss", "scoring_elements": "0.6519", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2627" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102584", "reference_id": "102584", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/" } ], "url": "http://www.securityfocus.com/bid/102584" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352", "reference_id": "1535352", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535352" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2627" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-csbm-qcz5-23eq" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96688?format=api", "vulnerability_id": "VCID-eck3-b274-j7d7", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2678.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2678.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25609", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0009", "scoring_system": "epss", "scoring_elements": "0.25509", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2678" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102659", "reference_id": "102659", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "http://www.securityfocus.com/bid/102659" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263", "reference_id": "1534263", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534263" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2678" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-eck3-b274-j7d7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96684?format=api", "vulnerability_id": "VCID-jbja-4xny-5yhy", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36986", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00162", "scoring_system": "epss", "scoring_elements": "0.36894", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.1", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102605", "reference_id": "102605", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "http://www.securityfocus.com/bid/102605" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766", "reference_id": "1534766", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534766" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2641" ], "risk_score": 2.8, "exploitability": "0.5", "weighted_severity": "5.5", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-jbja-4xny-5yhy" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96680?format=api", "vulnerability_id": "VCID-k7mu-p7xw-57ea", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.3793", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00169", "scoring_system": "epss", "scoring_elements": "0.37839", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.8", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102592", "reference_id": "102592", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "http://www.securityfocus.com/bid/102592" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943", "reference_id": "1534943", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534943" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2634" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "6.1", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-k7mu-p7xw-57ea" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96681?format=api", "vulnerability_id": "VCID-nnnc-9tr2-6uh4", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48663", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00251", "scoring_system": "epss", "scoring_elements": "0.48601", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102576", "reference_id": "102576", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "http://www.securityfocus.com/bid/102576" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970", "reference_id": "1534970", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534970" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2637" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-nnnc-9tr2-6uh4" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96683?format=api", "vulnerability_id": "VCID-q1sx-k8nm-nfav", "summary": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2639", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70727", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00631", "scoring_system": "epss", "scoring_elements": "0.70685", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2639" }, { "reference_url": "http://www.securityfocus.com/bid/102556", "reference_id": "102556", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "http://www.securityfocus.com/bid/102556" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351", "reference_id": "1535351", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535351" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2639" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-q1sx-k8nm-nfav" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96682?format=api", "vulnerability_id": "VCID-qbwd-jsme-pydj", "summary": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2638", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00791", "scoring_system": "epss", "scoring_elements": "0.74288", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00791", "scoring_system": "epss", "scoring_elements": "0.74255", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2638" }, { "reference_url": "http://www.securityfocus.com/bid/102546", "reference_id": "102546", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "http://www.securityfocus.com/bid/102546" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350", "reference_id": "1535350", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535350" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2638" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qbwd-jsme-pydj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96689?format=api", "vulnerability_id": "VCID-qczw-4qp6-pkhx", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2783.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2783.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2783", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61916", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.00414", "scoring_system": "epss", "scoring_elements": "0.61868", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2783" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "7.4", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/103832", "reference_id": "103832", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "http://www.securityfocus.com/bid/103832" }, { "reference_url": "http://www.securitytracker.com/id/1040697", "reference_id": "1040697", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "http://www.securitytracker.com/id/1040697" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569204", "reference_id": "1569204", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1569204" }, { "reference_url": "https://usn.ubuntu.com/3644-1/", "reference_id": "3644-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://usn.ubuntu.com/3644-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03857en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03915en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180419-0001/", "reference_id": "ntap-20180419-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180419-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1203", "reference_id": "RHSA-2018:1203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1203" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1205", "reference_id": "RHSA-2018:1205", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1205" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1721", "reference_id": "RHSA-2018:1721", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1721" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1722", "reference_id": "RHSA-2018:1722", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1722" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1723", "reference_id": "RHSA-2018:1723", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1723" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1724", "reference_id": "RHSA-2018:1724", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1724" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1974", "reference_id": "RHSA-2018:1974", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1974" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1975", "reference_id": "RHSA-2018:1975", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1975" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2783" ], "risk_score": 3.4, "exploitability": "0.5", "weighted_severity": "6.7", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-qczw-4qp6-pkhx" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96668?format=api", "vulnerability_id": "VCID-vhsc-adgb-pqfh", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.32062", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0013", "scoring_system": "epss", "scoring_elements": "0.31989", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "3.7", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102663", "reference_id": "102663", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "http://www.securityfocus.com/bid/102663" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298", "reference_id": "1534298", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534298" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2579" ], "risk_score": 1.6, "exploitability": "0.5", "weighted_severity": "3.3", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vhsc-adgb-pqfh" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96732?format=api", "vulnerability_id": "VCID-vkm3-ad53-kkbn", "summary": "Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2581", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.69333", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00582", "scoring_system": "epss", "scoring_elements": "0.69373", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2581" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581" }, { "reference_url": "http://www.securityfocus.com/bid/102636", "reference_id": "102636", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "http://www.securityfocus.com/bid/102636" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354", "reference_id": "1535354", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1535354" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530", "reference_id": "888530", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2581" ], "risk_score": 1.9, "exploitability": "0.5", "weighted_severity": "3.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-vkm3-ad53-kkbn" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96670?format=api", "vulnerability_id": "VCID-wpfm-53bw-cyh2", "summary": "Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40789", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00191", "scoring_system": "epss", "scoring_elements": "0.40866", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "6.5", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102597", "reference_id": "102597", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "http://www.securityfocus.com/bid/102597" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768", "reference_id": "1534768", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534768" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0351", "reference_id": "RHSA-2018:0351", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0351" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0352", "reference_id": "RHSA-2018:0352", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0352" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0458", "reference_id": "RHSA-2018:0458", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0458" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0521", "reference_id": "RHSA-2018:0521", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0521" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2582" ], "risk_score": 3.0, "exploitability": "0.5", "weighted_severity": "5.9", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-wpfm-53bw-cyh2" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/96678?format=api", "vulnerability_id": "VCID-x9ha-gc9s-ubfn", "summary": "Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47545", "published_at": "2026-06-05T12:55:00Z" }, { "value": "0.0024", "scoring_system": "epss", "scoring_elements": "0.47481", "published_at": "2026-06-04T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "5.3", "scoring_system": "cvssv3", "scoring_elements": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "http://www.securityfocus.com/bid/102615", "reference_id": "102615", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "http://www.securityfocus.com/bid/102615" }, { "reference_url": "http://www.securitytracker.com/id/1040203", "reference_id": "1040203", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "http://www.securitytracker.com/id/1040203" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625", "reference_id": "1534625", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1534625" }, { "reference_url": "https://usn.ubuntu.com/3613-1/", "reference_id": "3613-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://usn.ubuntu.com/3613-1/" }, { "reference_url": "https://usn.ubuntu.com/3614-1/", "reference_id": "3614-1", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://usn.ubuntu.com/3614-1/" }, { "reference_url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_id": "display?docLocale=en_US&docId=emr_na-hpesbst03911en_us", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4144", "reference_id": "dsa-4144", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4144" }, { "reference_url": "https://www.debian.org/security/2018/dsa-4166", "reference_id": "dsa-4166", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://www.debian.org/security/2018/dsa-4166" }, { "reference_url": "https://security.gentoo.org/glsa/201803-06", "reference_id": "GLSA-201803-06", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201803-06" }, { "reference_url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html", "reference_id": "msg00003.html", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html" }, { "reference_url": "https://security.netapp.com/advisory/ntap-20180117-0001/", "reference_id": "ntap-20180117-0001", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://security.netapp.com/advisory/ntap-20180117-0001/" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0095", "reference_id": "RHSA-2018:0095", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0095" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0099", "reference_id": "RHSA-2018:0099", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0099" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0100", "reference_id": "RHSA-2018:0100", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0100" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0115", "reference_id": "RHSA-2018:0115", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0115" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:0349", "reference_id": "RHSA-2018:0349", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:0349" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1463", "reference_id": "RHSA-2018:1463", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1463" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2018:1812", "reference_id": "RHSA-2018:1812", "reference_type": "", "scores": [ { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/" } ], "url": "https://access.redhat.com/errata/RHSA-2018:1812" } ], "fixed_packages": [], "aliases": [ "CVE-2018-2629" ], "risk_score": 2.4, "exploitability": "0.5", "weighted_severity": "4.8", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-x9ha-gc9s-ubfn" } ], "fixing_vulnerabilities": [], "risk_score": "3.8", "resource_url": "http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-oracle@1:1.8.0.161-1jpp.2%3Farch=el7" }