CVE-2018-2627Oracle JDK vulnerability

8 documents6 sources
Severity
7.5HIGHNVD
EPSS
0.5%
top 35.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
9
Netapp E-series Santricity OS ControllerNetapp StoragegridNetapp Active IQ Unified Manager+6 more
Timeline
PublishedJan 18
Latest updateMay 13

Description

Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). Supported versions that are affected are Java SE: 8u152 and 9.0.1. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Java SE executes to compromise Java SE. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Java SE, attacks may significantly impact additional products. Successful attacks of th

CVSS vector

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:HExploitability: 0.8 | Impact: 6.0

Affected Packages9 packages

NVDoracle/jdk1.8.0, 9.0.1+1
NVDoracle/jre1.8.0, 9.0.1+1

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-x2mp-gcv7-74m4: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer)2022-05-13
CVEList
CVE-2018-2627: Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer)2018-01-18

📋Vendor Advisories

2
Red Hat
JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)2018-01-16
Debian
CVE-2018-2627: openjdk-8 - Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installe...2018

💬Community

3
Bugzilla
CVE-2018-3123 CVE-2019-2614 CVE-2019-2627 CVE-2019-2683 mysql:5.6/community-mysql: various flaws [fedora-28]2019-05-06
Bugzilla
CVE-2018-3123 CVE-2019-2581 CVE-2019-2592 CVE-2019-2614 CVE-2019-2627 CVE-2019-2628 CVE-2019-2683 mysql:5.7/community-mysql: various flaws [fedora-29]2019-05-06
Bugzilla
CVE-2018-2627 Oracle JDK: unspecified vulnerability fixed in 8u161 and 9.0.4 (Installer)2018-01-17
CVE-2018-2627 — Oracle JDK vulnerability | cvebase