Search for packages
Package details: pkg:deb/debian/openjdk-11@11.0.16%2B8-1~deb10u1
purl pkg:deb/debian/openjdk-11@11.0.16%2B8-1~deb10u1
Next non-vulnerable version 11.0.28+6-1
Latest non-vulnerable version 11.0.28+6-1
Risk 4.0
Vulnerabilities affecting this package (53)
Vulnerability Summary Fixed by
VCID-1use-r71m-guag
Aliases:
CVE-2024-21208
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-2v9s-easn-q7d6
Aliases:
CVE-2024-20926
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-31ee-5mw5-mqdp
Aliases:
CVE-2023-22081
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-4va4-p44h-y3bg
Aliases:
CVE-2024-20918
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-54ts-mnjv-2qar
Aliases:
CVE-2025-50106
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-554e-u1jm-mfab
Aliases:
CVE-2024-21138
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-6q4a-cygy-6bdu
Aliases:
CVE-2024-21068
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2 and 22; Oracle GraalVM Enterprise Edition: 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-79vg-4f97-gyhq
Aliases:
CVE-2024-21012
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-7dca-wam1-yfcw
Aliases:
CVE-2024-20919
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-7p1z-5v81-abfv
Aliases:
CVE-2024-21140
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-7vz6-me3q-jqgn
Aliases:
CVE-2024-21011
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-93v4-bg4s-pkhs
Aliases:
CVE-2023-21937
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-9atu-db5q-gucv
Aliases:
CVE-2025-21502
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM Enterprise Edition: 20.3.16 and 21.3.12. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-9m1m-b9we-qyhn
Aliases:
CVE-2024-21094
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-adut-1bng-wyda
Aliases:
CVE-2023-22006
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-bggh-azsf-bbcx
Aliases:
CVE-2022-21628
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-cgpx-hgy7-j3bb
Aliases:
CVE-2025-21587
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-ddd6-279m-j7ea
Aliases:
CVE-2023-22049
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-fmjc-7g3k-4bav
Aliases:
CVE-2025-30754
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-g96d-fpak-f7ak
Aliases:
CVE-2024-21131
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-gkpy-5zws-kffw
Aliases:
CVE-2024-21217
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-j42c-256h-hqa2
Aliases:
CVE-2023-21954
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-j7kh-wgfu-ukct
Aliases:
CVE-2024-20945
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition executes to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-jd6t-vsm9-jqh2
Aliases:
CVE-2023-21930
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-kk1z-hfn9-23gz
Aliases:
CVE-2025-30691
Vulnerability in Oracle Java SE (component: Compiler). Supported versions that are affected are Oracle Java SE: 21.0.6, 24; Oracle GraalVM for JDK: 21.0.6 and 24. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data as well as unauthorized read access to a subset of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-kqk4-vfdu-kbbb
Aliases:
CVE-2023-21843
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Sound). Supported versions that are affected are Oracle Java SE: 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-kwtv-kgna-4uca
Aliases:
CVE-2025-30749
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-m2s2-cv2a-27de
Aliases:
CVE-2024-21144
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-mmr1-8fzs-7kdz
Aliases:
CVE-2023-21968
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-mxuw-79qu-yuav
Aliases:
CVE-2023-21938
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-n683-57sv-yqb6
Aliases:
CVE-2024-20952
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-n77h-bkdw-zucr
Aliases:
CVE-2022-21540
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-nx7d-y26j-t3bk
Aliases:
CVE-2022-34169
GHSA-9339-86wc-4qgf
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-p9q8-s5ws-2ub4
Aliases:
CVE-2023-21967
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-qcaw-y4yb-u3fy
Aliases:
CVE-2025-50059
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. While the vulnerability is in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.6 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-s1a9-rdvh-ukee
Aliases:
CVE-2025-30761
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-swhc-w5yq-sbhw
Aliases:
CVE-2023-22041
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-t3rr-va3k-8ufa
Aliases:
CVE-2024-21147
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-td3e-vhpt-37c9
Aliases:
CVE-2023-21835
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 11.0.17, 17.0.5, 19.0.1; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via DTLS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-tqt1-5hc7-7qd2
Aliases:
CVE-2022-39399
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-tyhv-s3z2-4fbn
Aliases:
CVE-2024-21210
Vulnerability in Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4 and 23. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-u3j4-vg4z-bkeq
Aliases:
CVE-2024-21085
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-u5rg-rn58-2ffv
Aliases:
CVE-2022-21626
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-ujgh-3nu4-efe5
Aliases:
CVE-2024-21235
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u421, 8u421-perf, 11.0.24, 17.0.12, 21.0.4, 23; Oracle GraalVM for JDK: 17.0.12, 21.0.4, 23; Oracle GraalVM Enterprise Edition: 20.3.15 and 21.3.11. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-upyk-ay8d-7ufv
Aliases:
CVE-2024-20921
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-v1mt-85nv-1qbb
Aliases:
CVE-2023-22045
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-vfw1-dmk4-tqfp
Aliases:
CVE-2023-22036
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-xjes-8h96-tydz
Aliases:
CVE-2022-21619
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-xkgp-4vv2-2kce
Aliases:
CVE-2023-21939
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-ym88-ba8k-hufg
Aliases:
CVE-2024-21145
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM Enterprise Edition: 20.3.14 and 21.3.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N).
11.0.24+8-2~deb11u1
Affected by 13 other vulnerabilities.
VCID-ysqy-wkye-skc4
Aliases:
CVE-2025-30698
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
11.0.28+6-1
Affected by 0 other vulnerabilities.
VCID-zem9-xg23-cub3
Aliases:
CVE-2022-21624
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 8u341, 8u345-perf, 11.0.16.1, 17.0.4.1, 19; Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).
11.0.22+7-2
Affected by 24 other vulnerabilities.
VCID-zgrh-jut1-f3ch
Aliases:
CVE-2022-21541
11.0.22+7-2
Affected by 24 other vulnerabilities.
Vulnerabilities fixed by this package (91)
Vulnerability Summary Aliases
VCID-12ye-c3qb-6yh1 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2020-2590
VCID-12zc-mj7p-k7cn Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L). CVE-2019-2975
VCID-168d-sxzu-bygb Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21341
VCID-1xtj-bnf1-rka8 CVE-2020-14796
VCID-292g-bkte-cygn Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2022-21282
VCID-2t21-2zf8-m7c3 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2022-21434
VCID-3625-byfp-9qed Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). CVE-2020-14583
VCID-3793-2afq-augb Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35578
VCID-3xep-6axr-gkde Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2020-2593
VCID-42xr-m72k-kye9 CVE-2021-2163
VCID-43w6-8m63-63cy Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21299
VCID-4qb5-7zaq-s7cf Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:N/A:N). CVE-2021-2341
VCID-5tj7-9vy4-ukhu Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2981
VCID-645w-kznv-4qat Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35556
VCID-6pd3-rat4-gyg9 Vulnerability in the Java SE product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2987
VCID-6wgj-zn5h-8yde Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2022-21291
VCID-764k-9yjb-uqcd Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2962
VCID-7m9c-hmm6-z7am Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2020-2778
VCID-7yce-6nce-pydn Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 6.8 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:H/A:N). CVE-2019-2989
VCID-876k-cf1s-1kdn Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2020-2767
VCID-8hp7-txqy-mufr Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2020-2655
VCID-8vwv-2uwq-b3cg Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.8 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:L). CVE-2019-2977
VCID-8wzu-br3g-jkas Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.1 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:N/A:L). CVE-2019-2945
VCID-9g9c-c96z-17gn Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2756
VCID-9gp8-a91h-x3ax Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Lightweight HTTP Server). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2020-2800
VCID-9h1h-5psr-tuhm Vulnerability in the Java SE product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 11.0.6 and 14. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 7.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N). CVE-2020-2816
VCID-9jbc-vvrg-4ka9 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). CVE-2020-2805
VCID-9qam-64ty-ryar Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H). CVE-2020-2803
VCID-9u69-5kxz-z7g3 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35559
VCID-9zpb-jb8d-gffk Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JNDI). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2022-21496
VCID-a2c4-28v1-ekb7 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21360
VCID-a7wz-dujf-k3ae Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.4 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N). CVE-2020-14593
VCID-afnh-bc8x-cfg1 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows low privileged attacker with network access via Kerberos to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, Oracle GraalVM Enterprise Edition, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N). CVE-2021-35567
VCID-b7ha-tz2t-xbaq Vulnerability in the Java SE product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2654
VCID-bckm-dzhh-1qb3 CVE-2020-14792
VCID-cnfw-3bjc-ykb5 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35565
VCID-cztg-qz2s-2kep Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2978
VCID-dgzt-xcgm-hbhs Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2754
VCID-dj4s-anjn-2uan Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2022-21305
VCID-dtbs-1hsm-hfbx Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N). CVE-2021-35550
VCID-dy42-8avr-73fp Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2020-14577
VCID-e1uu-wk39-z3b2 Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35586
VCID-eah9-m6az-9uak Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21293
VCID-eb54-f97g-hyex Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2020-14581
VCID-eceg-92sa-hyfw Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H). CVE-2021-2388
VCID-eew5-s6zw-6uhk Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2757
VCID-ff44-k5vk-6kck Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N). CVE-2022-21476
VCID-fqn4-8u5p-vqfj Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N). CVE-2020-2601
VCID-fvec-qg83-x3f2 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Serialization). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2022-21248
VCID-fvrc-k7a8-9fht Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-14578
VCID-g8gj-ap2h-sqby Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2021-35564
VCID-g99s-qn6g-57e8 Vulnerability in the Java SE product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-14562
VCID-gh2k-9dff-p7ch Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2583
VCID-gjfj-84zs-euer Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Kerberos). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via Kerberos to compromise Java SE, Java SE Embedded. While the vulnerability is in Java SE, Java SE Embedded, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 6.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N). CVE-2019-2949
VCID-grkz-h94q-r3dm Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2021-35561
VCID-h4d2-bq6u-j3eq CVE-2020-14798
VCID-hfdz-hcn4-q3hv Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21294
VCID-j8r3-36mz-zydf Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21365
VCID-jdwn-njv2-3qb9 Vulnerability in the Java SE product of Oracle Java SE (component: Javadoc). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data as well as unauthorized read access to a subset of Java SE accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N). CVE-2019-2999
VCID-jm7z-71wa-mbdu Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21426
VCID-k1v8-1pnh-gbhq Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Scripting). Supported versions that are affected are Java SE: 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2755
VCID-kz8d-pshj-nqeh Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21277
VCID-n77h-bkdw-zucr CVE-2022-21540
VCID-ncqs-twqa-1fax Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N). CVE-2021-2369
VCID-nu69-mkpm-6bga Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2781
VCID-nx7d-y26j-t3bk CVE-2022-34169
GHSA-9339-86wc-4qgf
VCID-ny74-51rr-d3d5 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2022-21296
VCID-p1fd-zvbd-pyhc Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21443
VCID-p2j9-52hn-5faj Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21283
VCID-pv22-zfvh-eyed Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data as well as unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 4.8 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N). CVE-2020-14556
VCID-t32h-4r85-j7gn Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u271, 8u261, 11.0.8 and 15; Java SE Embedded: 8u261. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2020-14782
VCID-t49t-8s5g-mbbu Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2973
VCID-t6gd-ttkk-pybg Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: JAXP). Supported versions that are affected are Java SE: 7u261, 8u251, 11.0.7 and 14.0.1; Java SE Embedded: 8u251. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Java SE Embedded accessible data. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.1 Base Score 5.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2020-14621
VCID-tp24-rdef-y3f4 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u241, 8u231, 11.0.5 and 13.0.1; Java SE Embedded: 8u231. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in takeover of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS v3.0 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). CVE-2020-2604
VCID-uamx-f4a5-hqa3 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Java SE Embedded accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2019-2894
VCID-v1qk-zgdr-5uhf Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21340
VCID-v1wy-3apc-mygs Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2830
VCID-vty8-y7h9-pkdh CVE-2020-14803
VCID-w898-8jdy-23ev Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2983
VCID-wnq7-32fg-1bc3 Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u261 and 8u251; Java SE Embedded: 8u251. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-14579
VCID-wntr-5yqv-p7gp Vulnerability in the Java SE product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE accessible data. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N). CVE-2020-14573
VCID-wsty-c5gb-q7f1 CVE-2020-14779
VCID-x36n-gtxp-u3eu Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Security). Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: Applies to client and server deployment of Java. This vulnerability can be exploited through sandboxed Java Web Start applications and sandboxed Java applets. It can also be exploited by supplying data to APIs in the specified Component without using sandboxed Java Web Start applications or sandboxed Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2020-2773
VCID-x9b6-6qsk-jfhc Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Concurrency). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability can only be exploited by supplying data to APIs in the specified Component without using Untrusted Java Web Start applications or Untrusted Java applets, such as through a web service. CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2964
VCID-xj2y-6b2d-zqep Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2022-21366
VCID-y9jf-q77u-8yc1 CVE-2020-14797
VCID-yppd-96zp-3ua5 CVE-2020-14781
VCID-z3k1-3m78-2feh Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2992
VCID-zbh7-h4sk-qkcn Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: 2D). Supported versions that are affected are Java SE: 7u231, 8u221, 11.0.4 and 13; Java SE Embedded: 8u221. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Java SE, Java SE Embedded. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets (in Java SE 8), that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.0 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L). CVE-2019-2988
VCID-zcz4-21ww-wydh Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated attacker with network access via TLS to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability can also be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). CVE-2021-35603
VCID-zgrh-jut1-f3ch CVE-2022-21541

Date Actor Action Vulnerability Source VulnerableCode Version
2025-08-01T20:12:36.508846+00:00 Debian Oval Importer Fixing VCID-fvrc-k7a8-9fht https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T20:08:47.446266+00:00 Debian Oval Importer Fixing VCID-eew5-s6zw-6uhk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:53:41.741178+00:00 Debian Oval Importer Fixing VCID-3xep-6axr-gkde https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:36:58.635787+00:00 Debian Oval Importer Fixing VCID-8wzu-br3g-jkas https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:36:07.740961+00:00 Debian Oval Importer Fixing VCID-x9b6-6qsk-jfhc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:29:55.252285+00:00 Debian Oval Importer Affected by VCID-kk1z-hfn9-23gz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:26:03.745706+00:00 Debian Oval Importer Fixing VCID-vty8-y7h9-pkdh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:22:09.622505+00:00 Debian Oval Importer Fixing VCID-fqn4-8u5p-vqfj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:19:00.072406+00:00 Debian Oval Importer Affected by VCID-7dca-wam1-yfcw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:16:42.422391+00:00 Debian Oval Importer Fixing VCID-292g-bkte-cygn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:13:35.055929+00:00 Debian Oval Importer Affected by VCID-1use-r71m-guag https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T19:05:00.191017+00:00 Debian Oval Importer Fixing VCID-a7wz-dujf-k3ae https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:53:56.764929+00:00 Debian Oval Importer Fixing VCID-t49t-8s5g-mbbu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:53:43.966216+00:00 Debian Oval Importer Affected by VCID-2v9s-easn-q7d6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:42:57.184521+00:00 Debian Oval Importer Fixing VCID-1xtj-bnf1-rka8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:41:59.763578+00:00 Debian Oval Importer Affected by VCID-s1a9-rdvh-ukee https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:37:18.848864+00:00 Debian Oval Importer Fixing VCID-6pd3-rat4-gyg9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:27:07.715838+00:00 Debian Oval Importer Affected by VCID-mxuw-79qu-yuav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:22:47.224706+00:00 Debian Oval Importer Affected by VCID-fmjc-7g3k-4bav https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:20:06.224724+00:00 Debian Oval Importer Affected by VCID-tyhv-s3z2-4fbn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:20:00.827729+00:00 Debian Oval Importer Affected by VCID-93v4-bg4s-pkhs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:14:03.903955+00:00 Debian Oval Importer Fixing VCID-gh2k-9dff-p7ch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:11:26.527197+00:00 Debian Oval Importer Fixing VCID-8vwv-2uwq-b3cg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T18:08:13.151092+00:00 Debian Oval Importer Fixing VCID-y9jf-q77u-8yc1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:59:02.467160+00:00 Debian Oval Importer Fixing VCID-p2j9-52hn-5faj https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:58:26.835998+00:00 Debian Oval Importer Affected by VCID-u5rg-rn58-2ffv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:53:40.085676+00:00 Debian Oval Importer Fixing VCID-fvec-qg83-x3f2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:47:00.656553+00:00 Debian Oval Importer Fixing VCID-764k-9yjb-uqcd https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:43:33.143071+00:00 Debian Oval Importer Fixing VCID-cnfw-3bjc-ykb5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:35:26.140748+00:00 Debian Oval Importer Fixing VCID-ncqs-twqa-1fax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:31:04.030272+00:00 Debian Oval Importer Fixing VCID-7yce-6nce-pydn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:17:55.650000+00:00 Debian Oval Importer Fixing VCID-t32h-4r85-j7gn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:17:29.518305+00:00 Debian Oval Importer Affected by VCID-adut-1bng-wyda https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T17:00:42.191560+00:00 Debian Oval Importer Affected by VCID-td3e-vhpt-37c9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:59:37.268684+00:00 Debian Oval Importer Affected by VCID-ysqy-wkye-skc4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:59:32.277204+00:00 Debian Oval Importer Fixing VCID-3625-byfp-9qed https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:59:10.836249+00:00 Debian Oval Importer Affected by VCID-xjes-8h96-tydz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:55:13.470217+00:00 Debian Oval Importer Fixing VCID-tp24-rdef-y3f4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:51:17.164228+00:00 Debian Oval Importer Affected by VCID-bggh-azsf-bbcx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:49:36.516211+00:00 Debian Oval Importer Fixing VCID-bckm-dzhh-1qb3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:47:23.547684+00:00 Debian Oval Importer Affected by VCID-7p1z-5v81-abfv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:44:48.983329+00:00 Debian Oval Importer Fixing VCID-645w-kznv-4qat https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:43:21.956849+00:00 Debian Oval Importer Fixing VCID-p1fd-zvbd-pyhc https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:37:25.329650+00:00 Debian Oval Importer Fixing VCID-7m9c-hmm6-z7am https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:36:51.919369+00:00 Debian Oval Importer Fixing VCID-xj2y-6b2d-zqep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:30:42.339068+00:00 Debian Oval Importer Fixing VCID-9gp8-a91h-x3ax https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:30:28.404109+00:00 Debian Oval Importer Fixing VCID-12ye-c3qb-6yh1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:27:23.938932+00:00 Debian Oval Importer Affected by VCID-u3j4-vg4z-bkeq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:24:44.522826+00:00 Debian Oval Importer Fixing VCID-wsty-c5gb-q7f1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:22:59.411115+00:00 Debian Oval Importer Fixing VCID-yppd-96zp-3ua5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:20:53.760059+00:00 Debian Oval Importer Fixing VCID-8hp7-txqy-mufr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:19:02.114658+00:00 Debian Oval Importer Fixing VCID-9qam-64ty-ryar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:18:10.155704+00:00 Debian Oval Importer Affected by VCID-p9q8-s5ws-2ub4 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:06:09.959234+00:00 Debian Oval Importer Fixing VCID-dj4s-anjn-2uan https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T16:02:17.676283+00:00 Debian Oval Importer Fixing VCID-9g9c-c96z-17gn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:54:43.448573+00:00 Debian Oval Importer Fixing VCID-dtbs-1hsm-hfbx https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:49:14.971525+00:00 Debian Oval Importer Affected by VCID-4va4-p44h-y3bg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:48:57.124360+00:00 Debian Oval Importer Fixing VCID-eceg-92sa-hyfw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:39:54.021912+00:00 Debian Oval Importer Affected by VCID-vfw1-dmk4-tqfp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:34:44.132219+00:00 Debian Oval Importer Fixing VCID-k1v8-1pnh-gbhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:34:05.634976+00:00 Debian Oval Importer Affected by VCID-j7kh-wgfu-ukct https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:30:18.625660+00:00 Debian Oval Importer Fixing VCID-gjfj-84zs-euer https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:28:28.076039+00:00 Debian Oval Importer Fixing VCID-9h1h-5psr-tuhm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:20:55.595744+00:00 Debian Oval Importer Affected by VCID-gkpy-5zws-kffw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:13:53.463984+00:00 Debian Oval Importer Affected by VCID-79vg-4f97-gyhq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:10:01.771509+00:00 Debian Oval Importer Fixing VCID-uamx-f4a5-hqa3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:09:34.684642+00:00 Debian Oval Importer Affected by VCID-xkgp-4vv2-2kce https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:04:59.545075+00:00 Debian Oval Importer Fixing VCID-ff44-k5vk-6kck https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:03:19.648073+00:00 Debian Oval Importer Affected by VCID-cgpx-hgy7-j3bb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T15:01:32.277147+00:00 Debian Oval Importer Fixing VCID-b7ha-tz2t-xbaq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:59:21.141468+00:00 Debian Oval Importer Fixing VCID-cztg-qz2s-2kep https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:58:31.833343+00:00 Debian Oval Importer Affected by VCID-m2s2-cv2a-27de https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:56:56.471258+00:00 Debian Oval Importer Affected by VCID-upyk-ay8d-7ufv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:54:14.310741+00:00 Debian Oval Importer Affected by VCID-9m1m-b9we-qyhn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:53:53.147185+00:00 Debian Oval Importer Affected by VCID-g96d-fpak-f7ak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:51:53.590437+00:00 Debian Oval Importer Affected by VCID-n77h-bkdw-zucr https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:49:15.559610+00:00 Debian Oval Importer Fixing VCID-x36n-gtxp-u3eu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:40:59.883529+00:00 Debian Oval Importer Fixing VCID-jm7z-71wa-mbdu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:34:49.793134+00:00 Debian Oval Importer Affected by VCID-n683-57sv-yqb6 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:34:18.777292+00:00 Debian Oval Importer Fixing VCID-h4d2-bq6u-j3eq https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:23:53.951012+00:00 Debian Oval Importer Affected by VCID-j42c-256h-hqa2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:15:13.989802+00:00 Debian Oval Importer Fixing VCID-ny74-51rr-d3d5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:07:36.802334+00:00 Debian Oval Importer Affected by VCID-31ee-5mw5-mqdp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:02:29.753334+00:00 Debian Oval Importer Fixing VCID-wnq7-32fg-1bc3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T14:00:17.929291+00:00 Debian Oval Importer Fixing VCID-zbh7-h4sk-qkcn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:58:48.756461+00:00 Debian Oval Importer Affected by VCID-t3rr-va3k-8ufa https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:58:38.020267+00:00 Debian Oval Importer Affected by VCID-ddd6-279m-j7ea https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:57:19.691871+00:00 Debian Oval Importer Fixing VCID-168d-sxzu-bygb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:54:16.246331+00:00 Debian Oval Importer Affected by VCID-554e-u1jm-mfab https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:52:29.556081+00:00 Debian Oval Importer Fixing VCID-5tj7-9vy4-ukhu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:50:57.576268+00:00 Debian Oval Importer Fixing VCID-wntr-5yqv-p7gp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:49:58.430540+00:00 Debian Oval Importer Affected by VCID-7vz6-me3q-jqgn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:48:19.248460+00:00 Debian Oval Importer Affected by VCID-kqk4-vfdu-kbbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:47:08.107090+00:00 Debian Oval Importer Fixing VCID-12zc-mj7p-k7cn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:46:28.880048+00:00 Debian Oval Importer Affected by VCID-54ts-mnjv-2qar https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:38:23.223026+00:00 Debian Oval Importer Fixing VCID-eb54-f97g-hyex https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:38:12.298319+00:00 Debian Oval Importer Fixing VCID-6wgj-zn5h-8yde https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:37:41.602198+00:00 Debian Oval Importer Fixing VCID-hfdz-hcn4-q3hv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:35:46.204585+00:00 Debian Oval Importer Fixing VCID-dy42-8avr-73fp https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:35:12.908719+00:00 Debian Oval Importer Affected by VCID-v1mt-85nv-1qbb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:34:59.638472+00:00 Debian Oval Importer Affected by VCID-swhc-w5yq-sbhw https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:33:21.674945+00:00 Debian Oval Importer Fixing VCID-4qb5-7zaq-s7cf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:32:14.932190+00:00 Debian Oval Importer Fixing VCID-9zpb-jb8d-gffk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:23:54.109181+00:00 Debian Oval Importer Fixing VCID-afnh-bc8x-cfg1 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:20:23.352687+00:00 Debian Oval Importer Fixing VCID-g99s-qn6g-57e8 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:17:38.932004+00:00 Debian Oval Importer Fixing VCID-dgzt-xcgm-hbhs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:15:48.575351+00:00 Debian Oval Importer Affected by VCID-kwtv-kgna-4uca https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:08:59.073527+00:00 Debian Oval Importer Affected by VCID-zem9-xg23-cub3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:07:51.082533+00:00 Debian Oval Importer Fixing VCID-zcz4-21ww-wydh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:07:03.770002+00:00 Debian Oval Importer Affected by VCID-qcaw-y4yb-u3fy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:04:12.043322+00:00 Debian Oval Importer Fixing VCID-v1wy-3apc-mygs https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:03:20.794774+00:00 Debian Oval Importer Affected by VCID-6q4a-cygy-6bdu https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T13:01:18.131002+00:00 Debian Oval Importer Fixing VCID-nu69-mkpm-6bga https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:56:41.084485+00:00 Debian Oval Importer Fixing VCID-g8gj-ap2h-sqby https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:44:32.875469+00:00 Debian Oval Importer Affected by VCID-mmr1-8fzs-7kdz https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:43:51.962960+00:00 Debian Oval Importer Fixing VCID-a2c4-28v1-ekb7 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:42:42.709019+00:00 Debian Oval Importer Fixing VCID-9u69-5kxz-z7g3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:36:26.188710+00:00 Debian Oval Importer Fixing VCID-jdwn-njv2-3qb9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:34:59.251742+00:00 Debian Oval Importer Fixing VCID-pv22-zfvh-eyed https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:33:10.023605+00:00 Debian Oval Importer Affected by VCID-9atu-db5q-gucv https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:32:57.002245+00:00 Debian Oval Importer Fixing VCID-43w6-8m63-63cy https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:31:54.959381+00:00 Debian Oval Importer Affected by VCID-tqt1-5hc7-7qd2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:28:37.436852+00:00 Debian Oval Importer Fixing VCID-w898-8jdy-23ev https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:28:08.341000+00:00 Debian Oval Importer Fixing VCID-v1qk-zgdr-5uhf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:26:53.067565+00:00 Debian Oval Importer Fixing VCID-grkz-h94q-r3dm https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:24:32.541777+00:00 Debian Oval Importer Fixing VCID-2t21-2zf8-m7c3 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:13:59.308688+00:00 Debian Oval Importer Fixing VCID-kz8d-pshj-nqeh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:11:48.736128+00:00 Debian Oval Importer Affected by VCID-ujgh-3nu4-efe5 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:11:13.036278+00:00 Debian Oval Importer Affected by VCID-ym88-ba8k-hufg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:09:22.250823+00:00 Debian Oval Importer Fixing VCID-z3k1-3m78-2feh https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:06:46.770194+00:00 Debian Oval Importer Fixing VCID-eah9-m6az-9uak https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:05:50.044449+00:00 Debian Oval Importer Affected by VCID-nx7d-y26j-t3bk https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:05:12.213942+00:00 Debian Oval Importer Fixing VCID-e1uu-wk39-z3b2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:04:21.926325+00:00 Debian Oval Importer Fixing VCID-42xr-m72k-kye9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T12:03:36.349470+00:00 Debian Oval Importer Fixing VCID-9jbc-vvrg-4ka9 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:59:20.850868+00:00 Debian Oval Importer Fixing VCID-876k-cf1s-1kdn https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:59:04.774725+00:00 Debian Oval Importer Fixing VCID-j8r3-36mz-zydf https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:58:45.153165+00:00 Debian Oval Importer Fixing VCID-t6gd-ttkk-pybg https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:54:53.084518+00:00 Debian Oval Importer Fixing VCID-3793-2afq-augb https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:52:04.040983+00:00 Debian Oval Importer Affected by VCID-zgrh-jut1-f3ch https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:48:41.061989+00:00 Debian Oval Importer Affected by VCID-jd6t-vsm9-jqh2 https://www.debian.org/security/oval/oval-definitions-bullseye.xml.bz2 37.0.0
2025-08-01T11:47:20.800526+00:00 Debian Oval Importer Fixing VCID-168d-sxzu-bygb https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:46:37.083193+00:00 Debian Oval Importer Fixing VCID-uamx-f4a5-hqa3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:46:30.965659+00:00 Debian Oval Importer Fixing VCID-wsty-c5gb-q7f1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:46:21.110259+00:00 Debian Oval Importer Fixing VCID-6pd3-rat4-gyg9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:45:59.691746+00:00 Debian Oval Importer Fixing VCID-cztg-qz2s-2kep https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:45:25.662769+00:00 Debian Oval Importer Fixing VCID-3625-byfp-9qed https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:45:06.915316+00:00 Debian Oval Importer Fixing VCID-6wgj-zn5h-8yde https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:44:55.487662+00:00 Debian Oval Importer Fixing VCID-x9b6-6qsk-jfhc https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:44:44.777996+00:00 Debian Oval Importer Fixing VCID-9gp8-a91h-x3ax https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:44:10.992009+00:00 Debian Oval Importer Fixing VCID-eceg-92sa-hyfw https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:44:06.492246+00:00 Debian Oval Importer Fixing VCID-y9jf-q77u-8yc1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:43:51.249491+00:00 Debian Oval Importer Fixing VCID-p2j9-52hn-5faj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:43:33.376986+00:00 Debian Oval Importer Fixing VCID-e1uu-wk39-z3b2 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:43:27.364121+00:00 Debian Oval Importer Fixing VCID-12ye-c3qb-6yh1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:42:28.057618+00:00 Debian Oval Importer Fixing VCID-fqn4-8u5p-vqfj https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:42:24.331002+00:00 Debian Oval Importer Fixing VCID-jm7z-71wa-mbdu https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:42:22.936108+00:00 Debian Oval Importer Fixing VCID-fvrc-k7a8-9fht https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:41:37.321641+00:00 Debian Oval Importer Fixing VCID-b7ha-tz2t-xbaq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:41:06.642431+00:00 Debian Oval Importer Fixing VCID-j8r3-36mz-zydf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:40:46.012168+00:00 Debian Oval Importer Fixing VCID-g8gj-ap2h-sqby https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:40:16.110890+00:00 Debian Oval Importer Fixing VCID-9h1h-5psr-tuhm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:40:15.400702+00:00 Debian Oval Importer Fixing VCID-grkz-h94q-r3dm https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:40:12.977983+00:00 Debian Oval Importer Fixing VCID-p1fd-zvbd-pyhc https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:40:08.409309+00:00 Debian Oval Importer Fixing VCID-eew5-s6zw-6uhk https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:39:53.388572+00:00 Debian Oval Importer Fixing VCID-1xtj-bnf1-rka8 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:39:50.456242+00:00 Debian Oval Importer Fixing VCID-7m9c-hmm6-z7am https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:39:43.160066+00:00 Debian Oval Importer Fixing VCID-zcz4-21ww-wydh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:39:33.308651+00:00 Debian Oval Importer Fixing VCID-x36n-gtxp-u3eu https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:38:52.588315+00:00 Debian Oval Importer Fixing VCID-12zc-mj7p-k7cn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:38:02.575680+00:00 Debian Oval Importer Fixing VCID-g99s-qn6g-57e8 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:37:37.727477+00:00 Debian Oval Importer Fixing VCID-n77h-bkdw-zucr https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:37:21.196049+00:00 Debian Oval Importer Fixing VCID-8vwv-2uwq-b3cg https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:36:32.324527+00:00 Debian Oval Importer Fixing VCID-9u69-5kxz-z7g3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:36:07.744641+00:00 Debian Oval Importer Fixing VCID-jdwn-njv2-3qb9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:35:53.209932+00:00 Debian Oval Importer Fixing VCID-wntr-5yqv-p7gp https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:35:40.341280+00:00 Debian Oval Importer Fixing VCID-xj2y-6b2d-zqep https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:35:16.157061+00:00 Debian Oval Importer Fixing VCID-43w6-8m63-63cy https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:34:39.007284+00:00 Debian Oval Importer Fixing VCID-3793-2afq-augb https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:34:37.313294+00:00 Debian Oval Importer Fixing VCID-8hp7-txqy-mufr https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:33:22.237499+00:00 Debian Oval Importer Fixing VCID-9qam-64ty-ryar https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:33:13.542719+00:00 Debian Oval Importer Fixing VCID-dy42-8avr-73fp https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:32:50.580499+00:00 Debian Oval Importer Fixing VCID-kz8d-pshj-nqeh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:32:43.192452+00:00 Debian Oval Importer Fixing VCID-nx7d-y26j-t3bk https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:32:24.026003+00:00 Debian Oval Importer Fixing VCID-v1wy-3apc-mygs https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:31:22.485015+00:00 Debian Oval Importer Fixing VCID-eb54-f97g-hyex https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:31:05.015302+00:00 Debian Oval Importer Fixing VCID-gh2k-9dff-p7ch https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:30:57.168240+00:00 Debian Oval Importer Fixing VCID-w898-8jdy-23ev https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:30:39.029991+00:00 Debian Oval Importer Fixing VCID-t6gd-ttkk-pybg https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:29:31.017803+00:00 Debian Oval Importer Fixing VCID-tp24-rdef-y3f4 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:29:21.948323+00:00 Debian Oval Importer Fixing VCID-42xr-m72k-kye9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:28:38.770590+00:00 Debian Oval Importer Fixing VCID-a7wz-dujf-k3ae https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:28:16.133753+00:00 Debian Oval Importer Fixing VCID-4qb5-7zaq-s7cf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:28:08.785662+00:00 Debian Oval Importer Fixing VCID-292g-bkte-cygn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:28:01.007877+00:00 Debian Oval Importer Fixing VCID-ncqs-twqa-1fax https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:27:33.246402+00:00 Debian Oval Importer Fixing VCID-cnfw-3bjc-ykb5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:27:29.678851+00:00 Debian Oval Importer Fixing VCID-9g9c-c96z-17gn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:27:00.769282+00:00 Debian Oval Importer Fixing VCID-zgrh-jut1-f3ch https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:25:24.666920+00:00 Debian Oval Importer Fixing VCID-afnh-bc8x-cfg1 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:25:09.696978+00:00 Debian Oval Importer Fixing VCID-2t21-2zf8-m7c3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:25:01.401137+00:00 Debian Oval Importer Fixing VCID-fvec-qg83-x3f2 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:24:35.751814+00:00 Debian Oval Importer Fixing VCID-ny74-51rr-d3d5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:24:31.108607+00:00 Debian Oval Importer Fixing VCID-8wzu-br3g-jkas https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:24:26.375529+00:00 Debian Oval Importer Fixing VCID-876k-cf1s-1kdn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:23:59.134869+00:00 Debian Oval Importer Fixing VCID-pv22-zfvh-eyed https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:23:47.475998+00:00 Debian Oval Importer Fixing VCID-ff44-k5vk-6kck https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:23:08.950209+00:00 Debian Oval Importer Fixing VCID-764k-9yjb-uqcd https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:21:32.281369+00:00 Debian Oval Importer Fixing VCID-vty8-y7h9-pkdh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:21:24.427598+00:00 Debian Oval Importer Fixing VCID-5tj7-9vy4-ukhu https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:21:09.289453+00:00 Debian Oval Importer Fixing VCID-dgzt-xcgm-hbhs https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:20:56.121343+00:00 Debian Oval Importer Fixing VCID-v1qk-zgdr-5uhf https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:20:37.108896+00:00 Debian Oval Importer Fixing VCID-dj4s-anjn-2uan https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:20:23.710943+00:00 Debian Oval Importer Fixing VCID-z3k1-3m78-2feh https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:20:19.061152+00:00 Debian Oval Importer Fixing VCID-hfdz-hcn4-q3hv https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:20:03.764061+00:00 Debian Oval Importer Fixing VCID-9jbc-vvrg-4ka9 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:19:01.246970+00:00 Debian Oval Importer Fixing VCID-wnq7-32fg-1bc3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:18:28.721154+00:00 Debian Oval Importer Fixing VCID-dtbs-1hsm-hfbx https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:18:27.991524+00:00 Debian Oval Importer Fixing VCID-k1v8-1pnh-gbhq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:18:07.628009+00:00 Debian Oval Importer Fixing VCID-9zpb-jb8d-gffk https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:17:46.766949+00:00 Debian Oval Importer Fixing VCID-bckm-dzhh-1qb3 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:17:40.592925+00:00 Debian Oval Importer Fixing VCID-zbh7-h4sk-qkcn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:16:58.418054+00:00 Debian Oval Importer Fixing VCID-t32h-4r85-j7gn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:16:49.741664+00:00 Debian Oval Importer Fixing VCID-645w-kznv-4qat https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:16:03.720318+00:00 Debian Oval Importer Fixing VCID-t49t-8s5g-mbbu https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:15:45.173569+00:00 Debian Oval Importer Fixing VCID-h4d2-bq6u-j3eq https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:14:50.412953+00:00 Debian Oval Importer Fixing VCID-nu69-mkpm-6bga https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:14:26.998682+00:00 Debian Oval Importer Fixing VCID-gjfj-84zs-euer https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:14:09.874381+00:00 Debian Oval Importer Fixing VCID-eah9-m6az-9uak https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:14:03.759889+00:00 Debian Oval Importer Fixing VCID-a2c4-28v1-ekb7 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:13:50.427732+00:00 Debian Oval Importer Fixing VCID-yppd-96zp-3ua5 https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:13:23.022912+00:00 Debian Oval Importer Fixing VCID-7yce-6nce-pydn https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0
2025-08-01T11:12:35.187835+00:00 Debian Oval Importer Fixing VCID-3xep-6axr-gkde https://www.debian.org/security/oval/oval-definitions-buster.xml.bz2 37.0.0