VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-w83z-5wt6-j3fz

Essentials
Severities (33)
References (40)
Severity details (24)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-w83z-5wt6-j3fz
Aliases	CVE-2018-2603
Summary	Multiple vulnerabilities have been found in Oracle's JDK and JRE software suites, the worst of which may allow execution of arbitrary code.
Status	Published
Exploitability	0.5
Weighted Severity	4.8
Risk	2.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-770

Allocation of Resources Without Limits or Throttling

System	Score	Found at
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0095
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0099
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0100
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0115
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0349
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0351
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0352
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0458
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:0521
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1463
ssvc	Track	https://access.redhat.com/errata/RHSA-2018:1812
cvssv3	5.3	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json
epss	0.00095	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
epss	0.00101	https://api.first.org/data/v1/epss?cve=CVE-2018-2603
cvssv3	5.3	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
ssvc	Track	https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0
ssvc	Track	https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ssvc	Track	https://security.netapp.com/advisory/ntap-20180117-0001/
ssvc	Track	https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
ssvc	Track	https://usn.ubuntu.com/3613-1/
ssvc	Track	https://usn.ubuntu.com/3614-1/
ssvc	Track	https://www.debian.org/security/2018/dsa-4144
ssvc	Track	https://www.debian.org/security/2018/dsa-4166
ssvc	Track	http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
ssvc	Track	http://www.securityfocus.com/bid/102625
ssvc	Track	http://www.securitytracker.com/id/1040203

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json
		https://api.first.org/data/v1/epss?cve=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2579
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2582
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2588
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2599
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2602
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2603
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2618
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2629
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2633
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2634
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2637
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2641
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2663
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2677
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2678
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
102625		http://www.securityfocus.com/bid/102625
1040203		http://www.securitytracker.com/id/1040203
1534553		https://bugzilla.redhat.com/show_bug.cgi?id=1534553
display?docLocale=en_US&docId=emr_na-hpesbst03911en_us		https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us
dsa-4144		https://www.debian.org/security/2018/dsa-4144
dsa-4166		https://www.debian.org/security/2018/dsa-4166
GLSA-201803-06		https://security.gentoo.org/glsa/201803-06
msg00003.html		https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html
ntap-20180117-0001		https://security.netapp.com/advisory/ntap-20180117-0001/
RHSA-2018:0095		https://access.redhat.com/errata/RHSA-2018:0095
RHSA-2018:0099		https://access.redhat.com/errata/RHSA-2018:0099
RHSA-2018:0100		https://access.redhat.com/errata/RHSA-2018:0100
RHSA-2018:0115		https://access.redhat.com/errata/RHSA-2018:0115
RHSA-2018:0349		https://access.redhat.com/errata/RHSA-2018:0349
RHSA-2018:0351		https://access.redhat.com/errata/RHSA-2018:0351
RHSA-2018:0352		https://access.redhat.com/errata/RHSA-2018:0352
RHSA-2018:0458		https://access.redhat.com/errata/RHSA-2018:0458
RHSA-2018:0521		https://access.redhat.com/errata/RHSA-2018:0521
RHSA-2018:1463		https://access.redhat.com/errata/RHSA-2018:1463
RHSA-2018:1812		https://access.redhat.com/errata/RHSA-2018:1812
USN-3613-1		https://usn.ubuntu.com/3613-1/
USN-3614-1		https://usn.ubuntu.com/3614-1/

No exploits are available.

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0095

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0099

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0100

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0115

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0349

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0351

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0352

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0458

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:0521

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:1463

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://access.redhat.com/errata/RHSA-2018:1812

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2018-2603.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://help.ecostruxureit.com/display/public/UADCE725/Security+fixes+in+StruxureWare+Data+Center+Expert+v7.6.0

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://lists.debian.org/debian-lts-announce/2018/04/msg00003.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://security.netapp.com/advisory/ntap-20180117-0001/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03911en_us

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://usn.ubuntu.com/3613-1/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://usn.ubuntu.com/3614-1/

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://www.debian.org/security/2018/dsa-4144

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at https://www.debian.org/security/2018/dsa-4166

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at http://www.securityfocus.com/bid/102625

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-10-03T19:12:36Z/ Found at http://www.securitytracker.com/id/1040203

Exploit Prediction Scoring System (EPSS)

Percentile	0.26426
EPSS Score	0.00095
Published At	April 13, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:02:16.103744+00:00	Gentoo Importer	Import	https://security.gentoo.org/glsa/201803-06	38.0.0