Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Openjdk
(Oracle)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 78 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2014-02-10 | CVE-2014-1876 | The unpacker::redirect_stdio function in unpack.cpp in unpack200 in OpenJDK 6, 7, and 8; Oracle Java SE 5.0u61, 6u71, 7u51, and 8; JRockit R27.8.1 and R28.3.1; and Java SE Embedded 7u51 does not securely create temporary files when a log file cannot be opened, which allows local users to overwrite arbitrary files via a symlink attack on /tmp/unpack.log. | Openjdk | N/A | ||
2014-05-13 | CVE-2014-0462 | Unspecified vulnerability in OpenJDK 6 before 6b31 on Debian GNU/Linux and Ubuntu 12.04 LTS and 10.04 LTS has unknown impact and attack vectors, a different vulnerability than CVE-2014-2405. | Openjdk | N/A | ||
2012-11-28 | CVE-2012-5373 | Oracle Java SE 7 and earlier, and OpenJDK 7 and earlier, computes hash values without properly restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table, as demonstrated by a universal multicollision attack against the MurmurHash3 algorithm, a different vulnerability than CVE-2012-2739. | Jdk, Jre, Openjdk | N/A | ||
2012-11-28 | CVE-2012-2739 | Oracle Java SE before 7 Update 6, and OpenJDK 7 before 7u6 build 12 and 8 before build 39, computes hash values without restricting the ability to trigger hash collisions predictably, which allows context-dependent attackers to cause a denial of service (CPU consumption) via crafted input to an application that maintains a hash table. | Jdk, Jre, Openjdk | N/A |