Oracle OpenJDK vulnerabilities
98 known vulnerabilities affecting oracle/openjdk.
Total CVEs: 98
CISA KEV: 1 (actively exploited)
Public exploits: 1
Exploited in wild: 1
Severity breakdown: CRITICAL 4, HIGH 15, MEDIUM 51, LOW 28
Vulnerabilities
Page 1 of 5
CVE-2024-20952 | HIGH | CVSS 7.4 | CWE-284 | ≥ 11, < 11.0.24 | ≥ 17, < 17.0.10 | +2 more | 2024-01-16
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Diffi
nvd
CVE-2023-21930 | HIGH | CVSS 7.4 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access
nvd
CVE-2023-21954 | MEDIUM | CVSS 5.9 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network acces
nvd
CVE-2023-21939 | MEDIUM | CVSS 5.3 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Easily exploitable vulnerability allows unauthenticated attacker with network acces
nvd
CVE-2023-21967 | MEDIUM | CVSS 5.9 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network acce
nvd
CVE-2023-21938 | LOW | CVSS 3.7 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.8, 21.3.4 and 22.3.0. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
nvd
CVE-2023-21937 | LOW | CVSS 3.7 | fixed in 8 | ≥ 11, ≤ 11.0.18 | +3 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network a
nvd
CVE-2023-21968 | LOW | CVSS 3.7 | ≥ 11, ≤ 11.0.18 | ≥ 17, ≤ 17.0.6 | +2 more | 2023-04-18
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit vulnerability allows unauthenticated attacker with network ac
nvd
CVE-2022-34169 | HIGH | CVSS 7.5 | CWE-681 | ≥ 11, ≤ 11.0.15 | ≥ 13, ≤ 13.0.11 | +5 more | 2022-07-19
The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. Users are recommended to update to version 2.7.3 or later. Note: Java runtimes (such as OpenJDK) include r
nvd
CVE-2022-21540 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.15 | ≥ 13, ≤ 13.0.11 | +5 more | 2022-07-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Easily exploitable vulnerability allows unauthenticated attacker with networ
nvd
CVE-2022-21541 | MEDIUM | CVSS 5.9 | ≥ 11, ≤ 11.0.15 | ≥ 13, ≤ 13.0.11 | +5 more | 2022-07-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u343, 8u333, 11.0.15.1, 17.0.3.1, 18.0.1.1; Oracle GraalVM Enterprise Edition: 20.3.6, 21.3.2 and 22.1.0. Difficult to exploit vulnerability allows unauthenticated attacker with netw
nvd
CVE-2022-21476 | HIGH | CVSS 7.5 | ≥ 11, ≤ 11.0.14 | ≥ 13, ≤ 13.0.10 | +5 more | 2022-04-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u331, 8u321, 11.0.14, 17.0.2, 18; Oracle GraalVM Enterprise Edition: 20.3.5, 21.3.1 and 22.0.0.2. Easily exploitable vulnerability allows unauthenticated attacker with network access
nvd
CVE-2022-21283 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to
nvd
CVE-2022-21365 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ImageIO). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21282 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro
nvd
CVE-2022-21305 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21340 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl
nvd
CVE-2022-21291 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +3 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple
nvd
CVE-2022-21296 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple pro
nvd
CVE-2022-21293 | MEDIUM | CVSS 5.3 | ≥ 11, ≤ 11.0.13 | ≥ 13, ≤ 13.0.9 | +5 more | 2022-01-19
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 7u321, 8u311, 11.0.13, 17.0.1; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multipl
nvd