{"url":"http://public2.vulnerablecode.io/api/packages/149622?format=json","purl":"pkg:rpm/redhat/java-1.8.0-oracle@1:1.8.0.161-1jpp.2?arch=el7","type":"rpm","namespace":"redhat","name":"java-1.8.0-oracle","version":"1:1.8.0.161-1jpp.2","qualifiers":{"arch":"el7"},"subpath":"","is_vulnerable":true,"next_non_vulnerable_version":null,"latest_non_vulnerable_version":null,"affected_by_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96674?format=json","vulnerability_id":"VCID-2uk7-3qhm-p7c2","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2603","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32312","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3224","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102625","reference_id":"102625","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"http://www.securityfocus.com/bid/102625"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534553","reference_id":"1534553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534553"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2603"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2uk7-3qhm-p7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96687?format=json","vulnerability_id":"VCID-3u4e-yubc-dqc9","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2677.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2677.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2677","reference_id":"","reference_type":"","scores":[{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26388","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00095","scoring_system":"epss","scoring_elements":"0.26285","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102656","reference_id":"102656","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"http://www.securityfocus.com/bid/102656"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534288","reference_id":"1534288","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534288"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:54Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2677"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-3u4e-yubc-dqc9"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96672?format=json","vulnerability_id":"VCID-618c-5fh4-cyem","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2599","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25674","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25573","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102633","reference_id":"102633","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"http://www.securityfocus.com/bid/102633"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534543","reference_id":"1534543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534543"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2599"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-618c-5fh4-cyem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96679?format=json","vulnerability_id":"VCID-6adn-6y1g-27gx","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2633","reference_id":"","reference_type":"","scores":[{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67231","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.6719","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102557","reference_id":"102557","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"http://www.securityfocus.com/bid/102557"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535036","reference_id":"1535036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535036"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2633"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6adn-6y1g-27gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96675?format=json","vulnerability_id":"VCID-6hfj-cb81-5kf4","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2618","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36707","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36614","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102612","reference_id":"102612","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"http://www.securityfocus.com/bid/102612"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534762","reference_id":"1534762","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534762"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2618"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hfj-cb81-5kf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96673?format=json","vulnerability_id":"VCID-8bxh-b9sc-2bdx","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2602","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25507","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25411","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102642","reference_id":"102642","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"http://www.securityfocus.com/bid/102642"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534525","reference_id":"1534525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534525"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2602"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8bxh-b9sc-2bdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96686?format=json","vulnerability_id":"VCID-9su1-k7jd-83c8","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2663","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25509","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102662","reference_id":"102662","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"http://www.securityfocus.com/bid/102662"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534296","reference_id":"1534296","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534296"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2663"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9su1-k7jd-83c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96671?format=json","vulnerability_id":"VCID-chu6-fpwh-63bj","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2588","reference_id":"","reference_type":"","scores":[{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65356","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65315","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102661","reference_id":"102661","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"http://www.securityfocus.com/bid/102661"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534299","reference_id":"1534299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534299"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2588"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chu6-fpwh-63bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96677?format=json","vulnerability_id":"VCID-csbm-qcz5-23eq","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2627","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65148","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6519","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2627"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102584","reference_id":"102584","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"http://www.securityfocus.com/bid/102584"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535352","reference_id":"1535352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535352"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[],"aliases":["CVE-2018-2627"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csbm-qcz5-23eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96688?format=json","vulnerability_id":"VCID-eck3-b274-j7d7","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2678.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2678.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2678","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25509","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2678"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102659","reference_id":"102659","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"http://www.securityfocus.com/bid/102659"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534263","reference_id":"1534263","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534263"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:24:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2678"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-eck3-b274-j7d7"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96684?format=json","vulnerability_id":"VCID-jbja-4xny-5yhy","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2641","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36986","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36894","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102605","reference_id":"102605","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"http://www.securityfocus.com/bid/102605"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534766","reference_id":"1534766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534766"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2641"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbja-4xny-5yhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96680?format=json","vulnerability_id":"VCID-k7mu-p7xw-57ea","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2634","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3793","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37839","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102592","reference_id":"102592","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"http://www.securityfocus.com/bid/102592"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534943","reference_id":"1534943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534943"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2634"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7mu-p7xw-57ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96681?format=json","vulnerability_id":"VCID-nnnc-9tr2-6uh4","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2637","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48663","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48601","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102576","reference_id":"102576","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"http://www.securityfocus.com/bid/102576"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534970","reference_id":"1534970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534970"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2637"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnnc-9tr2-6uh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96683?format=json","vulnerability_id":"VCID-q1sx-k8nm-nfav","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2639","reference_id":"","reference_type":"","scores":[{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70727","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2639"},{"reference_url":"http://www.securityfocus.com/bid/102556","reference_id":"102556","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"http://www.securityfocus.com/bid/102556"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535351","reference_id":"1535351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535351"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[],"aliases":["CVE-2018-2639"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1sx-k8nm-nfav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96682?format=json","vulnerability_id":"VCID-qbwd-jsme-pydj","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2638","reference_id":"","reference_type":"","scores":[{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74288","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74255","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2638"},{"reference_url":"http://www.securityfocus.com/bid/102546","reference_id":"102546","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"http://www.securityfocus.com/bid/102546"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535350","reference_id":"1535350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535350"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[],"aliases":["CVE-2018-2638"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbwd-jsme-pydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96689?format=json","vulnerability_id":"VCID-qczw-4qp6-pkhx","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2783.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2783.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2783","reference_id":"","reference_type":"","scores":[{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61916","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00414","scoring_system":"epss","scoring_elements":"0.61868","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2783"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/103832","reference_id":"103832","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"http://www.securityfocus.com/bid/103832"},{"reference_url":"http://www.securitytracker.com/id/1040697","reference_id":"1040697","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"http://www.securitytracker.com/id/1040697"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569204","reference_id":"1569204","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1569204"},{"reference_url":"https://usn.ubuntu.com/3644-1/","reference_id":"3644-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://usn.ubuntu.com/3644-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03857en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03857en_us"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03915en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03915en_us"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180419-0001/","reference_id":"ntap-20180419-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180419-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1203","reference_id":"RHSA-2018:1203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1203"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1205","reference_id":"RHSA-2018:1205","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1205"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1721","reference_id":"RHSA-2018:1721","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1721"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1722","reference_id":"RHSA-2018:1722","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1722"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1723","reference_id":"RHSA-2018:1723","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1723"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1724","reference_id":"RHSA-2018:1724","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1724"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1974","reference_id":"RHSA-2018:1974","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1974"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1975","reference_id":"RHSA-2018:1975","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:39Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1975"}],"fixed_packages":[],"aliases":["CVE-2018-2783"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qczw-4qp6-pkhx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96668?format=json","vulnerability_id":"VCID-vhsc-adgb-pqfh","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2579","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32062","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31989","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102663","reference_id":"102663","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"http://www.securityfocus.com/bid/102663"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534298","reference_id":"1534298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534298"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2579"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhsc-adgb-pqfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96732?format=json","vulnerability_id":"VCID-vkm3-ad53-kkbn","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581","reference_id":"","reference_type":"","scores":[{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69333","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69373","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581"},{"reference_url":"http://www.securityfocus.com/bid/102636","reference_id":"102636","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securityfocus.com/bid/102636"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354","reference_id":"1535354","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530","reference_id":"888530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2581"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkm3-ad53-kkbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96670?format=json","vulnerability_id":"VCID-wpfm-53bw-cyh2","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2582","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40789","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40866","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102597","reference_id":"102597","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"http://www.securityfocus.com/bid/102597"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534768","reference_id":"1534768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534768"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[],"aliases":["CVE-2018-2582"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpfm-53bw-cyh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96678?format=json","vulnerability_id":"VCID-x9ha-gc9s-ubfn","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2629","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47545","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47481","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102615","reference_id":"102615","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"http://www.securityfocus.com/bid/102615"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534625","reference_id":"1534625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534625"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[],"aliases":["CVE-2018-2629"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9ha-gc9s-ubfn"}],"fixing_vulnerabilities":[],"risk_score":"3.8","resource_url":"http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/java-1.8.0-oracle@1:1.8.0.161-1jpp.2%3Farch=el7"}