CVE-2018-2783Oracle JDK vulnerability

8 documents8 sources
Severity
7.4HIGHNVD
EPSS
0.4%
top 40.73%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
8
Canonical Ubuntu LinuxOracle JDKOracle JRE+5 more
Timeline
PublishedApr 19
Latest updateMay 13

Description

Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security). Supported versions that are affected are Java SE: 6u181, 7u161 and 8u152; Java SE Embedded: 8u152; JRockit: R28.3.17. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded, JRockit. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:NExploitability: 2.2 | Impact: 5.2

Affected Packages7 packages

NVDoracle/jrockitr28.3.17
NVDoracle/jdk1.6.0, 1.7.0, 1.8.0+2
NVDoracle/jre1.6.0, 1.7.0, 1.8.0+2
NVDredhat/satellite5.6, 5.7, 5.8+2

Also affects: Ubuntu Linux 16.04, 17.10

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-36xm-wx7c-g2hq: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security)2022-05-13
CVEList
CVE-2018-2783: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security)2018-04-19
OSV
CVE-2018-2783: Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java SE (subcomponent: Security)2018-04-18

📋Vendor Advisories

3
Ubuntu
OpenJDK 8 vulnerabilities2018-05-11
Red Hat
JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)2018-04-17
Debian
CVE-2018-2783: openjdk-8 - Vulnerability in the Java SE, Java SE Embedded, JRockit component of Oracle Java...2018

💬Community

1
Bugzilla
CVE-2018-2783 Oracle JDK: unspecified vulnerability fixed in 6u191, 7u171, and 8u161 (Security)2018-04-18
CVE-2018-2783 — Oracle JDK vulnerability | cvebase