jdk8-openjdk

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description OpenJDK Java 8 development kit
Version 8.u292-1 [extra]

Open

Group Affected Fixed Severity Status Ticket
AVG-2479 8.u292-1 Medium Vulnerable
AVG-2190 8.u292-1 High Vulnerable
Issue Group Severity Remote Type Description
CVE-2021-35603 AVG-2479 Low Yes Information disclosure 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. A difficult to...
CVE-2021-35588 AVG-2479 Low Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321 and 8u312 in the hotspot/runtime component. A difficult to exploit vulnerability allows...
CVE-2021-35586 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the client-libs/javax.imageio component. An easily...
CVE-2021-35578 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. An easily...
CVE-2021-35567 AVG-2479 Medium Yes Information disclosure 
A security issue has been found in OpenJDK before versions 8u312, 11.0.13 and 17.0.1 in the security-libs/java.security component. An easily exploitable...
CVE-2021-35565 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312 and 11.0.13 in the core-libs/java.net component. An easily exploitable vulnerability...
CVE-2021-35564 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/java.security component. An easily...
CVE-2021-35561 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the core-libs/java.util component. An easily exploitable...
CVE-2021-35559 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the security-libs/javax.net.ssl component. An easily...
CVE-2021-35556 AVG-2479 Medium Yes Denial of service 
A security issue has been found in OpenJDK before versions 7u321, 8u312, 11.0.13 and 17.0.1 in the client-libs/javax.swing component. An easily exploitable...
CVE-2021-35550 AVG-2479 Medium Yes Information disclosure 
A security issue has been found in OpenJDK before versions 7u321, 8u312 and 11.0.13 in the security-libs/javax.net.ssl component. A difficult to exploit...
CVE-2021-2388 AVG-2190 High Yes Arbitrary code execution 
A security issue has been found in the Hotspot component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability allows...
CVE-2021-2369 AVG-2190 Medium Yes Arbitrary code execution 
A security issue has been found in the Library component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. An easily exploitable vulnerability allows...
CVE-2021-2341 AVG-2190 Medium Yes Information disclosure 
A security issue has been found in the Networking component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability...

Resolved

Group Affected Fixed Severity Status Ticket
AVG-2482 8.u292-1 High Not affected
AVG-1867 8.u282-1 8.u292-1 Medium Not affected
AVG-1849 8.u282-1 8.u292-1 Medium Fixed
Issue Group Severity Remote Type Description
CVE-2021-35560 AVG-2482 High Yes Arbitrary code execution 
A vulnerability has been found in Java SE version 8u301 in the Deployment component. A difficult to exploit vulnerability allows unauthenticated attacker...
CVE-2021-2163 AVG-1849 Medium Yes Insufficient validation 
A security issue was found in the way the Libraries component of OpenJDK enforced constraints defined in the jdk.jar.disabledAlgorithms security property....
CVE-2021-2161 AVG-1867 Medium Yes Incorrect calculation 
It was discovered that the implementation of ProcesBuilder in the Libraries component of OpenJDK on the Windows platform did not properly detect command...