{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","type":"ebuild","namespace":"dev-java","name":"oracle-jdk-bin","version":"1.8.0.162","qualifiers":{},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"1.8.0.202","latest_non_vulnerable_version":"1.8.0.202","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96674?format=json","vulnerability_id":"VCID-2uk7-3qhm-p7c2","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2603","reference_id":"","reference_type":"","scores":[{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32236","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.3224","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32312","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32281","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32243","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00132","scoring_system":"epss","scoring_elements":"0.32213","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102625","reference_id":"102625","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"http://www.securityfocus.com/bid/102625"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534553","reference_id":"1534553","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534553"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2603"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-2uk7-3qhm-p7c2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96672?format=json","vulnerability_id":"VCID-618c-5fh4-cyem","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded, JRockit accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2599.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2599","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25569","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25573","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25674","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25665","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25618","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25559","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102633","reference_id":"102633","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"http://www.securityfocus.com/bid/102633"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534543","reference_id":"1534543","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534543"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:37Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2599"],"risk_score":2.1,"exploitability":"0.5","weighted_severity":"4.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-618c-5fh4-cyem"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96679?format=json","vulnerability_id":"VCID-6adn-6y1g-27gx","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JNDI). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, JRockit, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2633.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2633","reference_id":"","reference_type":"","scores":[{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67221","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.6719","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67231","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67238","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67222","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0052","scoring_system":"epss","scoring_elements":"0.67206","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"8.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102557","reference_id":"102557","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"http://www.securityfocus.com/bid/102557"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535036","reference_id":"1535036","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535036"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:49Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2633"],"risk_score":3.8,"exploitability":"0.5","weighted_severity":"7.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6adn-6y1g-27gx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96675?format=json","vulnerability_id":"VCID-6hfj-cb81-5kf4","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JCE). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2618.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2618","reference_id":"","reference_type":"","scores":[{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36614","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36652","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36642","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36679","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36715","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0016","scoring_system":"epss","scoring_elements":"0.36707","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.9","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102612","reference_id":"102612","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"http://www.securityfocus.com/bid/102612"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534762","reference_id":"1534762","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534762"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:12Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2618"],"risk_score":2.6,"exploitability":"0.5","weighted_severity":"5.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-6hfj-cb81-5kf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96673?format=json","vulnerability_id":"VCID-8bxh-b9sc-2bdx","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: I18n). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Java SE, Java SE Embedded executes to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2602.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2602","reference_id":"","reference_type":"","scores":[{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25398","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25411","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25507","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25494","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25447","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00089","scoring_system":"epss","scoring_elements":"0.25388","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102642","reference_id":"102642","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"http://www.securityfocus.com/bid/102642"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534525","reference_id":"1534525","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534525"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:56Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2602"],"risk_score":2.0,"exploitability":"0.5","weighted_severity":"4.0","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8bxh-b9sc-2bdx"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96686?format=json","vulnerability_id":"VCID-9su1-k7jd-83c8","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded, JRockit. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2663.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2663","reference_id":"","reference_type":"","scores":[{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25506","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25509","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25609","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.256","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25555","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0009","scoring_system":"epss","scoring_elements":"0.25497","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:L"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102662","reference_id":"102662","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"http://www.securityfocus.com/bid/102662"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534296","reference_id":"1534296","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534296"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2663"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-9su1-k7jd-83c8"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96671?format=json","vulnerability_id":"VCID-chu6-fpwh-63bj","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: LDAP). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2588.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2588","reference_id":"","reference_type":"","scores":[{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65365","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65315","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65356","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65367","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00478","scoring_system":"epss","scoring_elements":"0.65346","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102661","reference_id":"102661","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"http://www.securityfocus.com/bid/102661"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534299","reference_id":"1534299","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534299"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:04Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2588"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-chu6-fpwh-63bj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96677?format=json","vulnerability_id":"VCID-csbm-qcz5-23eq","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to the Windows installer only. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2627.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2627","reference_id":"","reference_type":"","scores":[{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65148","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65196","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65178","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.65201","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00475","scoring_system":"epss","scoring_elements":"0.6519","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2627"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102584","reference_id":"102584","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"http://www.securityfocus.com/bid/102584"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535352","reference_id":"1535352","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535352"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3.1","scoring_elements":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H"},{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:32:48Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2627"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-csbm-qcz5-23eq"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96684?format=json","vulnerability_id":"VCID-jbja-4xny-5yhy","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: AWT). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.1 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2641.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2641","reference_id":"","reference_type":"","scores":[{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36894","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36933","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.3692","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36958","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36992","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00162","scoring_system":"epss","scoring_elements":"0.36986","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.1","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102605","reference_id":"102605","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"http://www.securityfocus.com/bid/102605"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534766","reference_id":"1534766","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534766"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:30Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2641"],"risk_score":2.8,"exploitability":"0.5","weighted_severity":"5.5","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-jbja-4xny-5yhy"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96680?format=json","vulnerability_id":"VCID-k7mu-p7xw-57ea","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2634.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2634","reference_id":"","reference_type":"","scores":[{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.3793","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37879","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37867","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37901","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37933","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00169","scoring_system":"epss","scoring_elements":"0.37839","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.8","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102592","reference_id":"102592","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"http://www.securityfocus.com/bid/102592"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534943","reference_id":"1534943","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534943"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:51Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2634"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"6.1","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-k7mu-p7xw-57ea"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96681?format=json","vulnerability_id":"VCID-nnnc-9tr2-6uh4","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JMX). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data as well as unauthorized access to critical data or complete access to all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2637.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2637","reference_id":"","reference_type":"","scores":[{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.4864","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48601","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48663","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48673","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48654","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00251","scoring_system":"epss","scoring_elements":"0.48625","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"7.4","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102576","reference_id":"102576","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"http://www.securityfocus.com/bid/102576"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534970","reference_id":"1534970","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534970"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:43Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2637"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.7","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-nnnc-9tr2-6uh4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96683?format=json","vulnerability_id":"VCID-q1sx-k8nm-nfav","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2639.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2639","reference_id":"","reference_type":"","scores":[{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70685","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70727","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70729","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70735","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70705","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00631","scoring_system":"epss","scoring_elements":"0.70718","published_at":"2026-06-07T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2639"},{"reference_url":"http://www.securityfocus.com/bid/102556","reference_id":"102556","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"http://www.securityfocus.com/bid/102556"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535351","reference_id":"1535351","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535351"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:53Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2639"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-q1sx-k8nm-nfav"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96682?format=json","vulnerability_id":"VCID-qbwd-jsme-pydj","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json","reference_id":"","reference_type":"","scores":[{"value":"7.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2638.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2638","reference_id":"","reference_type":"","scores":[{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74288","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74261","published_at":"2026-06-08T12:55:00Z"},{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74255","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74279","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00791","scoring_system":"epss","scoring_elements":"0.74293","published_at":"2026-06-06T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2638"},{"reference_url":"http://www.securityfocus.com/bid/102546","reference_id":"102546","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"http://www.securityfocus.com/bid/102546"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535350","reference_id":"1535350","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535350"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:19:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2638"],"risk_score":3.4,"exploitability":"0.5","weighted_severity":"6.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-qbwd-jsme-pydj"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96668?format=json","vulnerability_id":"VCID-vhsc-adgb-pqfh","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Libraries). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2579.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2579","reference_id":"","reference_type":"","scores":[{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32062","published_at":"2026-06-05T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31985","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31962","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31993","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.32031","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0013","scoring_system":"epss","scoring_elements":"0.31989","published_at":"2026-06-04T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"3.7","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102663","reference_id":"102663","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"http://www.securityfocus.com/bid/102663"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534298","reference_id":"1534298","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534298"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:41Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2579"],"risk_score":1.6,"exploitability":"0.5","weighted_severity":"3.3","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vhsc-adgb-pqfh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96732?format=json","vulnerability_id":"VCID-vkm3-ad53-kkbn","summary":"Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java SE: 7u161, 8u152 and 9.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json","reference_id":"","reference_type":"","scores":[{"value":"4.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2581.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581","reference_id":"","reference_type":"","scores":[{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69378","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69333","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69373","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69381","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69372","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00582","scoring_system":"epss","scoring_elements":"0.69357","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2581"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2581"},{"reference_url":"http://www.securityfocus.com/bid/102636","reference_id":"102636","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securityfocus.com/bid/102636"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354","reference_id":"1535354","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1535354"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530","reference_id":"888530","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=888530"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:58Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2581"],"risk_score":1.9,"exploitability":"0.5","weighted_severity":"3.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-vkm3-ad53-kkbn"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96670?format=json","vulnerability_id":"VCID-wpfm-53bw-cyh2","summary":"Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Hotspot). Supported versions that are affected are Java SE: 8u152 and 9.0.1; Java SE Embedded: 8u151. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2582.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2582","reference_id":"","reference_type":"","scores":[{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4082","published_at":"2026-06-09T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40789","published_at":"2026-06-04T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40866","published_at":"2026-06-05T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4087","published_at":"2026-06-06T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.4084","published_at":"2026-06-07T12:55:00Z"},{"value":"0.00191","scoring_system":"epss","scoring_elements":"0.40809","published_at":"2026-06-08T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"6.5","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102597","reference_id":"102597","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"http://www.securityfocus.com/bid/102597"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534768","reference_id":"1534768","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534768"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0351","reference_id":"RHSA-2018:0351","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0351"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0352","reference_id":"RHSA-2018:0352","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0352"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0458","reference_id":"RHSA-2018:0458","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0458"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0521","reference_id":"RHSA-2018:0521","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0521"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:22:42Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2582"],"risk_score":3.0,"exploitability":"0.5","weighted_severity":"5.9","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wpfm-53bw-cyh2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/96678?format=json","vulnerability_id":"VCID-x9ha-gc9s-ubfn","summary":"Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: JGSS). Supported versions that are affected are Java SE: 6u171, 7u161, 8u152 and 9.0.1; Java SE Embedded: 8u151; JRockit: R28.3.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded, JRockit accessible data. Note: This vulnerability applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N).","references":[{"reference_url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2629.json"},{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2629","reference_id":"","reference_type":"","scores":[{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47481","published_at":"2026-06-04T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47514","published_at":"2026-06-09T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47501","published_at":"2026-06-08T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47531","published_at":"2026-06-07T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47548","published_at":"2026-06-06T12:55:00Z"},{"value":"0.0024","scoring_system":"epss","scoring_elements":"0.47545","published_at":"2026-06-05T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678"},{"reference_url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml","reference_id":"","reference_type":"","scores":[{"value":"5.3","scoring_system":"cvssv3","scoring_elements":"CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N"}],"url":"https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml"},{"reference_url":"http://www.securityfocus.com/bid/102615","reference_id":"102615","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"http://www.securityfocus.com/bid/102615"},{"reference_url":"http://www.securitytracker.com/id/1040203","reference_id":"1040203","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"http://www.securitytracker.com/id/1040203"},{"reference_url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534625","reference_id":"1534625","reference_type":"","scores":[],"url":"https://bugzilla.redhat.com/show_bug.cgi?id=1534625"},{"reference_url":"https://usn.ubuntu.com/3613-1/","reference_id":"3613-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://usn.ubuntu.com/3613-1/"},{"reference_url":"https://usn.ubuntu.com/3614-1/","reference_id":"3614-1","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://usn.ubuntu.com/3614-1/"},{"reference_url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_id":"display?docLocale=en_US&docId=emr_na-hpesbst03911en_us","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us"},{"reference_url":"https://www.debian.org/security/2018/dsa-4144","reference_id":"dsa-4144","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://www.debian.org/security/2018/dsa-4144"},{"reference_url":"https://www.debian.org/security/2018/dsa-4166","reference_id":"dsa-4166","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://www.debian.org/security/2018/dsa-4166"},{"reference_url":"https://security.gentoo.org/glsa/201803-06","reference_id":"GLSA-201803-06","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201803-06"},{"reference_url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html","reference_id":"msg00003.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html"},{"reference_url":"https://security.netapp.com/advisory/ntap-20180117-0001/","reference_id":"ntap-20180117-0001","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://security.netapp.com/advisory/ntap-20180117-0001/"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0095","reference_id":"RHSA-2018:0095","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0095"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0099","reference_id":"RHSA-2018:0099","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0099"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0100","reference_id":"RHSA-2018:0100","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0100"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0115","reference_id":"RHSA-2018:0115","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0115"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:0349","reference_id":"RHSA-2018:0349","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:0349"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1463","reference_id":"RHSA-2018:1463","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1463"},{"reference_url":"https://access.redhat.com/errata/RHSA-2018:1812","reference_id":"RHSA-2018:1812","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:23:46Z/"}],"url":"https://access.redhat.com/errata/RHSA-2018:1812"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/192244?format=json","purl":"pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}],"aliases":["CVE-2018-2629"],"risk_score":2.4,"exploitability":"0.5","weighted_severity":"4.8","resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-x9ha-gc9s-ubfn"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-java/oracle-jdk-bin@1.8.0.162"}