jre-openjdk
| Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
| Description | OpenJDK Java 23 full runtime environment |
| Version | 23.0.1.u0-1 [extra] |
Resolved
| Group | Affected | Fixed | Severity | Status | Ticket |
|---|---|---|---|---|---|
| AVG-2686 | 18-1 | 18.0.1u10-1 | High | Fixed | |
| AVG-2188 | 16.0.1.u9-1 | 16.0.2.u7-1 | High | Fixed |
| Issue | Group | Severity | Remote | Type | Description |
|---|---|---|---|---|---|
| CVE-2022-21496 | AVG-2686 | Medium | Yes | Unknown | Unknown |
| CVE-2022-21449 | AVG-2686 | High | Yes | Insufficient validation | The ECDSA signature verification from java 15 onward accecpted completely blank signatures as valid for an arbitrary message and public key. |
| CVE-2022-21443 | AVG-2686 | Low | Yes | Unknown | Unknown |
| CVE-2022-21434 | AVG-2686 | Medium | Yes | Unknown | Unknown |
| CVE-2022-21426 | AVG-2686 | Medium | Yes | Unknown | Unknown |
| CVE-2021-2388 | AVG-2188 | High | Yes | Arbitrary code execution | A security issue has been found in the Hotspot component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability allows... |
| CVE-2021-2369 | AVG-2188 | Medium | Yes | Arbitrary code execution | A security issue has been found in the Library component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. An easily exploitable vulnerability allows... |
| CVE-2021-2341 | AVG-2188 | Medium | Yes | Information disclosure | A security issue has been found in the Networking component of OpenJDK versions 7u301, 8u291, 11.0.11 and 16.0.1. A difficult to exploit vulnerability... |
Advisories
| Date | Advisory | Group | Severity | Type |
|---|---|---|---|---|
| 22 Jul 2021 | ASA-202107-66 | AVG-2188 | High | multiple issues |