csaf_suse - suse-su-2023:2990-1

suse-su-2023:2990-1

Vulnerability from csaf_suse

Published

2023-07-26 15:04

Modified

2023-07-26 15:04

Summary

Security update for java-11-openjdk

Notes

Title of the patch

Security update for java-11-openjdk

Description of the patch

This update for java-11-openjdk fixes the following issues: Updated to jdk-11.0.20+8 (July 2023 CPU): - CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473). - CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474). - CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475). - CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479). - CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481). - CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482). - CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922). - JDK-8298676: Enhanced Look and Feel - JDK-8300285: Enhance TLS data handling - JDK-8300596: Enhance Jar Signature validation - JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1 - JDK-8302475: Enhance HTTP client file downloading - JDK-8302483: Enhance ZIP performance - JDK-8303376: Better launching of JDI - JDK-8304468: Better array usages - JDK-8305312: Enhanced path handling - JDK-8308682: Enhance AES performance Bugfixes: - JDK-8171426: java/lang/ProcessBuilder/Basic.java failed with Stream closed - JDK-8178806: Better exception logging in crypto code - JDK-8187522: test/sun/net/ftp/FtpURLConnectionLeak.java timed out - JDK-8209167: Use CLDR's time zone mappings for Windows - JDK-8209546: Make sun/security/tools/keytool/autotest.sh to support macosx - JDK-8209880: tzdb.dat is not reproducibly built - JDK-8213531: Test javax/swing/border/TestTitledBorderLeak.java fails - JDK-8214459: NSS source should be removed - JDK-8214807: Improve handling of very old class files - JDK-8215015: [TESTBUG] remove unneeded -Xfuture option from tests - JDK-8215575: C2 crash: assert(get_instanceKlass()->is_loaded()) failed: must be at least loaded - JDK-8220093: Change to GCC 8.2 for building on Linux at Oracle - JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError - JDK-8232853: AuthenticationFilter.Cache::remove may throw ConcurrentModificationException - JDK-8243936: NonWriteable system properties are actually writeable - JDK-8246383: NullPointerException in JceSecurity.getVerificationResult when using Entrust provider - JDK-8248701: On Windows generated modules-deps.gmk can contain backslash-r (CR) characters - JDK-8257856: Make ClassFileVersionsTest.java robust to JDK version updates - JDK-8259530: Generated docs contain MIT/GPL-licenced works without reproducing the licence - JDK-8263420: Incorrect function name in NSAccessibilityStaticText native peer implementation - JDK-8264290: Create implementation for NSAccessibilityComponentGroup protocol peer - JDK-8264304: Create implementation for NSAccessibilityToolbar protocol peer - JDK-8265486: ProblemList javax/sound/midi/Sequencer/Recording.java on macosx-aarch64 - JDK-8268558: [TESTBUG] Case 2 in TestP11KeyFactoryGetRSAKeySpec is skipped - JDK-8269746: C2: assert(!in->is_CFG()) failed: CFG Node with no controlling input? - JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile - JDK-8275233: Incorrect line number reported in exception stack trace thrown from a lambda expression - JDK-8275721: Name of UTC timezone in a locale changes depending on previous code - JDK-8275735: [linux] Remove deprecated Metrics api (kernel memory limit) - JDK-8276880: Remove java/lang/RuntimeTests/exec/ExecWithDir as unnecessary - JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -add 4357905 - JDK-8278434: timeouts in test java/time/test/java/time/format/TestZoneTextPrinterParser.java - JDK-8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption - JDK-8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error - JDK-8282201: Consider removal of expiry check in VerifyCACerts.java test - JDK-8282467: add extra diagnostics for JDK-8268184 - JDK-8282600: SSLSocketImpl should not use user_canceled workaround when not necessary - JDK-8283059: Uninitialized warning in check_code.c with GCC 11.2 - JDK-8285497: Add system property for Java SE specification maintenance version - JDK-8286398: Address possibly lossy conversions in jdk.internal.le - JDK-8287007: [cgroups] Consistently use stringStream throughout parsing code - JDK-8287246: DSAKeyValue should check for missing params instead of relying on KeyFactory provider - JDK-8287876: The recently de-problemlisted TestTitledBorderLeak test is unstable - JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md with information on 4th party dependencies - JDK-8289301: P11Cipher should not throw out of bounds exception during padding - JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space - JDK-8291226: Create Test Cases to cover scenarios for JDK-8278067 - JDK-8291637: HttpClient default keep alive timeout not followed if server sends invalid value - JDK-8291638: Keep-Alive timeout of 0 should close connection immediately - JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage() is lower than expected - JDK-8293232: Fix race condition in pkcs11 SessionManager - JDK-8293815: P11PSSSignature.engineUpdate should not print debug messages during normal operation - JDK-8294548: Problem list SA core file tests on macosx-x64 due to JDK-8294316 - JDK-8294906: Memory leak in PKCS11 NSS TLS server - JDK-8295974: jni_FatalError and Xcheck:jni warnings should print the native stack when there are no Java frames - JDK-8296934: Write a test to verify whether Undecorated Framecan be iconified or not - JDK-8297000: [jib] Add more friendly warning for proxy issues - JDK-8297450: ScaledTextFieldBorderTest.java fails when run with -show parameter - JDK-8298887: On the latest macOS+XCode the Robot API may report wrong colors - JDK-8299259: C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE - JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument - JDK-8300205: Swing test bug8078268 make latch timeout configurable - JDK-8300490: Spaces in name of MacOS Code Signing Identity are not correctly handled after JDK-8293550 - JDK-8301119: Support for GB18030-2022 - JDK-8301170: perfMemory_windows.cpp add free_security_attr to early returns - JDK-8301401: Allow additional characters for GB18030-2022 support - JDK-8302151: BMPImageReader throws an exception reading BMP images - JDK-8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message - JDK-8303102: jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN - JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return - JDK-8303432: Bump update version for OpenJDK: jdk-11.0.20 - JDK-8303440: The 'ZonedDateTime.parse' may not accept the 'UTC+XX' zone id - JDK-8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates - JDK-8303476: Add the runtime version in the release file of a JDK image - JDK-8303482: Update LCMS to 2.15 - JDK-8303564: C2: 'Bad graph detected in build_loop_late' after a CMove is wrongly split thru phi - JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return - JDK-8303822: gtestMain should give more helpful output - JDK-8303861: Error handling step timeouts should never be blocked by OnError and others - JDK-8303937: Corrupted heap dumps due to missing retries for os::write() - JDK-8304134: jib bootstrapper fails to quote filename when checking download filetype - JDK-8304291: [AIX] Broken build after JDK-8301998 - JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998 - JDK-8304350: Font.getStringBounds calculates wrong width for TextAttribute.TRACKING other than 0.0 - JDK-8304760: Add 2 Microsoft TLS roots - JDK-8305113: (tz) Update Timezone Data to 2023c - JDK-8305400: ISO 4217 Amendment 175 Update - JDK-8305528: [11u] Backport of JDK-8259530 breaks build with JDK10 bootstrap VM - JDK-8305682: Update the javadoc in the Character class to state support for GB 18030-2022 Implementation Level 2 - JDK-8305711: Arm: C2 always enters slowpath for monitorexit - JDK-8305721: add `make compile-commands` artifacts to .gitignore - JDK-8305975: Add TWCA Global Root CA - JDK-8306543: GHA: MSVC installation is failing - JDK-8306658: GHA: MSVC installation could be optional since it might already be pre-installed - JDK-8306664: GHA: Update MSVC version to latest stepping - JDK-8306768: CodeCache Analytics reports wrong threshold - JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep - JDK-8307134: Add GTS root CAs - JDK-8307811: [TEST] compilation of TimeoutInErrorHandlingTest fails after backport of JDK-8303861 - JDK-8308006: Missing NMT memory tagging in CMS - JDK-8308884: [17u/11u] Backout JDK-8297951 - JDK-8309476: [11u] tools/jmod/hashes/HashesOrderTest.java fails intermittently - JDK-8311465: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.20

Patchnames

SUSE-2023-2990,SUSE-SLE-SERVER-12-SP5-2023-2990

CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for java-11-openjdk",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "This update for java-11-openjdk fixes the following issues:\n\n  Updated to jdk-11.0.20+8 (July 2023 CPU):\n\n  - CVE-2023-22006: Fixed vulnerability in the network component (bsc#1213473).\n  - CVE-2023-22036: Fixed vulnerability in the utility component (bsc#1213474).\n  - CVE-2023-22041: Fixed vulnerability in the hotspot component (bsc#1213475).\n  - CVE-2023-22044: Fixed vulnerability in the hotspot component (bsc#1213479).\n  - CVE-2023-22045: Fixed vulnerability in the hotspot component (bsc#1213481).\n  - CVE-2023-22049: Fixed vulnerability in the libraries component (bsc#1213482).\n  - CVE-2023-25193: Fixed vulnerability in the embedded harfbuzz module (bsc#1207922).\n\n  - JDK-8298676: Enhanced Look and Feel\n  - JDK-8300285: Enhance TLS data handling\n  - JDK-8300596: Enhance Jar Signature validation\n  - JDK-8301998, JDK-8302084: Update HarfBuzz to 7.0.1\n  - JDK-8302475: Enhance HTTP client file downloading\n  - JDK-8302483: Enhance ZIP performance\n  - JDK-8303376: Better launching of JDI\n  - JDK-8304468: Better array usages\n  - JDK-8305312: Enhanced path handling\n  - JDK-8308682: Enhance AES performance\n \n  Bugfixes:\n\n    - JDK-8171426: java/lang/ProcessBuilder/Basic.java failed with Stream closed\n    - JDK-8178806: Better exception logging in crypto code\n    - JDK-8187522: test/sun/net/ftp/FtpURLConnectionLeak.java timed out\n    - JDK-8209167: Use CLDR\u0027s time zone mappings for Windows\n    - JDK-8209546: Make sun/security/tools/keytool/autotest.sh to support macosx\n    - JDK-8209880: tzdb.dat is not reproducibly built\n    - JDK-8213531: Test javax/swing/border/TestTitledBorderLeak.java fails\n    - JDK-8214459: NSS source should be removed\n    - JDK-8214807: Improve handling of very old class files\n    - JDK-8215015: [TESTBUG] remove unneeded -Xfuture option from tests\n    - JDK-8215575: C2 crash: assert(get_instanceKlass()-\u003eis_loaded()) failed: must be at least loaded\n    - JDK-8220093: Change to GCC 8.2 for building on Linux at Oracle\n    - JDK-8227257: javax/swing/JFileChooser/4847375/bug4847375.java fails with AssertionError\n    - JDK-8232853: AuthenticationFilter.Cache::remove may throw ConcurrentModificationException\n    - JDK-8243936: NonWriteable system properties are actually writeable\n    - JDK-8246383: NullPointerException in JceSecurity.getVerificationResult when using Entrust provider\n    - JDK-8248701: On Windows generated modules-deps.gmk can contain backslash-r (CR) characters\n    - JDK-8257856: Make ClassFileVersionsTest.java robust to JDK version updates\n    - JDK-8259530: Generated docs contain MIT/GPL-licenced works without reproducing the licence\n    - JDK-8263420: Incorrect function name in NSAccessibilityStaticText native peer implementation\n    - JDK-8264290: Create implementation for NSAccessibilityComponentGroup protocol peer\n    - JDK-8264304: Create implementation for NSAccessibilityToolbar protocol peer\n    - JDK-8265486: ProblemList javax/sound/midi/Sequencer/Recording.java on macosx-aarch64\n    - JDK-8268558: [TESTBUG] Case 2 in TestP11KeyFactoryGetRSAKeySpec is skipped\n    - JDK-8269746: C2: assert(!in-\u003eis_CFG()) failed: CFG Node with no controlling input?\n    - JDK-8274864: Remove Amman/Cairo hacks in ZoneInfoFile\n    - JDK-8275233: Incorrect line number reported in exception stack trace thrown from a lambda expression\n    - JDK-8275721: Name of UTC timezone in a locale changes  depending on previous code\n    - JDK-8275735: [linux] Remove deprecated Metrics api (kernel memory limit)\n    - JDK-8276880: Remove java/lang/RuntimeTests/exec/ExecWithDir as unnecessary\n    - JDK-8277775: Fixup bugids in RemoveDropTargetCrashTest.java -add 4357905\n    - JDK-8278434: timeouts in test java/time/test/java/time/format/TestZoneTextPrinterParser.java\n    - JDK-8280703: CipherCore.doFinal(...) causes potentially massive byte[] allocations during decryption\n    - JDK-8282077: PKCS11 provider C_sign() impl should handle CKR_BUFFER_TOO_SMALL error\n    - JDK-8282201: Consider removal of expiry check in VerifyCACerts.java test\n    - JDK-8282467: add extra diagnostics for JDK-8268184\n    - JDK-8282600: SSLSocketImpl should not use user_canceled workaround when not necessary\n    - JDK-8283059: Uninitialized warning in check_code.c with GCC 11.2\n    - JDK-8285497: Add system property for Java SE specification maintenance version\n    - JDK-8286398: Address possibly lossy conversions in jdk.internal.le\n    - JDK-8287007: [cgroups] Consistently use stringStream throughout parsing code\n    - JDK-8287246: DSAKeyValue should check for missing params instead of relying on KeyFactory provider\n    - JDK-8287876: The recently de-problemlisted TestTitledBorderLeak test is unstable\n    - JDK-8287897: Augment src/jdk.internal.le/share/legal/jline.md with information on 4th party dependencies\n    - JDK-8289301: P11Cipher should not throw out of bounds exception during padding\n    - JDK-8289735: UTIL_LOOKUP_PROGS fails on pathes with space\n    - JDK-8291226: Create Test Cases to cover scenarios for JDK-8278067\n    - JDK-8291637: HttpClient default keep alive timeout not followed if server sends invalid value\n    - JDK-8291638: Keep-Alive timeout of 0 should close connection immediately\n    - JDK-8292206: TestCgroupMetrics.java fails as getMemoryUsage() is lower than expected\n    - JDK-8293232: Fix race condition in pkcs11 SessionManager\n    - JDK-8293815: P11PSSSignature.engineUpdate should not print debug messages during normal operation\n    - JDK-8294548: Problem list SA core file tests on macosx-x64 due to JDK-8294316\n    - JDK-8294906: Memory leak in PKCS11 NSS TLS server\n    - JDK-8295974: jni_FatalError and Xcheck:jni warnings should print the native stack when there are no Java frames\n    - JDK-8296934: Write a test to verify whether Undecorated Framecan be iconified or not\n    - JDK-8297000: [jib] Add more friendly warning for proxy issues\n    - JDK-8297450: ScaledTextFieldBorderTest.java fails when run with -show parameter\n    - JDK-8298887: On the latest macOS+XCode the Robot API may report wrong colors\n    - JDK-8299259: C2: Div/Mod nodes without zero check could be split through iv phi of loop resulting in SIGFPE\n    - JDK-8300079: SIGSEGV in LibraryCallKit::inline_string_copy due to constant NULL src argument\n    - JDK-8300205: Swing test bug8078268 make latch timeout configurable\n    - JDK-8300490: Spaces in name of MacOS Code Signing Identity are not correctly handled after JDK-8293550\n    - JDK-8301119: Support for GB18030-2022\n    - JDK-8301170: perfMemory_windows.cpp add free_security_attr to early returns\n    - JDK-8301401: Allow additional characters for GB18030-2022 support\n    - JDK-8302151: BMPImageReader throws an exception reading BMP images\n    - JDK-8302791: Add specific ClassLoader object to Proxy IllegalArgumentException message\n    - JDK-8303102: jcmd: ManagementAgent.status truncates the text longer than O_BUFLEN\n    - JDK-8303354: addCertificatesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return\n    - JDK-8303432: Bump update version for OpenJDK: jdk-11.0.20\n    - JDK-8303440: The \u0027ZonedDateTime.parse\u0027 may not accept the \u0027UTC+XX\u0027 zone id\n    - JDK-8303465: KeyStore of type KeychainStore, provider Apple does not show all trusted certificates\n    - JDK-8303476: Add the runtime version in the release file of a JDK image\n    - JDK-8303482: Update LCMS to 2.15\n    - JDK-8303564: C2: \u0027Bad graph detected in build_loop_late\u0027 after a CMove is wrongly split thru phi\n    - JDK-8303576: addIdentitiesToKeystore in KeystoreImpl.m needs CFRelease call in early potential CHECK_NULL return\n    - JDK-8303822: gtestMain should give more helpful output\n    - JDK-8303861: Error handling step timeouts should never be blocked by OnError and others\n    - JDK-8303937: Corrupted heap dumps due to missing retries for os::write()\n    - JDK-8304134: jib bootstrapper fails to quote filename when checking download filetype\n    - JDK-8304291: [AIX] Broken build after JDK-8301998\n    - JDK-8304295: harfbuzz build fails with GCC 7 after JDK-8301998\n    - JDK-8304350: Font.getStringBounds calculates wrong width for\n      TextAttribute.TRACKING other than 0.0\n    - JDK-8304760: Add 2 Microsoft TLS roots\n    - JDK-8305113: (tz) Update Timezone Data to 2023c\n    - JDK-8305400: ISO 4217 Amendment 175 Update\n    - JDK-8305528: [11u] Backport of JDK-8259530 breaks build with\n      JDK10 bootstrap VM\n    - JDK-8305682: Update the javadoc in the Character class to\n      state support for GB 18030-2022 Implementation Level 2\n    - JDK-8305711: Arm: C2 always enters slowpath for monitorexit\n    - JDK-8305721: add `make compile-commands` artifacts to\n      .gitignore\n    - JDK-8305975: Add TWCA Global Root CA\n    - JDK-8306543: GHA: MSVC installation is failing\n    - JDK-8306658: GHA: MSVC installation could be optional since\n      it might already be pre-installed\n    - JDK-8306664: GHA: Update MSVC version to latest stepping\n    - JDK-8306768: CodeCache Analytics reports wrong threshold\n    - JDK-8306976: UTIL_REQUIRE_SPECIAL warning on grep\n    - JDK-8307134: Add GTS root CAs\n    - JDK-8307811: [TEST] compilation of TimeoutInErrorHandlingTest fails after backport of JDK-8303861\n    - JDK-8308006: Missing NMT memory tagging in CMS\n    - JDK-8308884: [17u/11u] Backout JDK-8297951\n    - JDK-8309476: [11u] tools/jmod/hashes/HashesOrderTest.java fails intermittently\n    - JDK-8311465: [11u] Remove designator DEFAULT_PROMOTED_VERSION_PRE=ea for release 11.0.20\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-2023-2990,SUSE-SLE-SERVER-12-SP5-2023-2990",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2023_2990-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2023:2990-1",
        "url": "https://www.suse.com/support/update/announcement/2023/suse-su-20232990-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2023:2990-1",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2023-July/015666.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1207922",
        "url": "https://bugzilla.suse.com/1207922"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213473",
        "url": "https://bugzilla.suse.com/1213473"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213474",
        "url": "https://bugzilla.suse.com/1213474"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213475",
        "url": "https://bugzilla.suse.com/1213475"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213479",
        "url": "https://bugzilla.suse.com/1213479"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213481",
        "url": "https://bugzilla.suse.com/1213481"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1213482",
        "url": "https://bugzilla.suse.com/1213482"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22006 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22006/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22036 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22036/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22041 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22041/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22044 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22044/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22045 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22045/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-22049 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-22049/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2023-25193 page",
        "url": "https://www.suse.com/security/cve/CVE-2023-25193/"
      }
    ],
    "title": "Security update for java-11-openjdk",
    "tracking": {
      "current_release_date": "2023-07-26T15:04:42Z",
      "generator": {
        "date": "2023-07-26T15:04:42Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2023:2990-1",
      "initial_release_date": "2023-07-26T15:04:42Z",
      "revision_history": [
        {
          "date": "2023-07-26T15:04:42Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-11.0.20.0-3.61.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-jmods-11.0.20.0-3.61.1.aarch64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.20.0-3.61.1.aarch64",
                "product": {
                  "name": "java-11-openjdk-src-11.0.20.0-3.61.1.aarch64",
                  "product_id": "java-11-openjdk-src-11.0.20.0-3.61.1.aarch64"
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-11.0.20.0-3.61.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-demo-11.0.20.0-3.61.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-devel-11.0.20.0-3.61.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-headless-11.0.20.0-3.61.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-jmods-11.0.20.0-3.61.1.i586"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.20.0-3.61.1.i586",
                "product": {
                  "name": "java-11-openjdk-src-11.0.20.0-3.61.1.i586",
                  "product_id": "java-11-openjdk-src-11.0.20.0-3.61.1.i586"
                }
              }
            ],
            "category": "architecture",
            "name": "i586"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-javadoc-11.0.20.0-3.61.1.noarch",
                "product": {
                  "name": "java-11-openjdk-javadoc-11.0.20.0-3.61.1.noarch",
                  "product_id": "java-11-openjdk-javadoc-11.0.20.0-3.61.1.noarch"
                }
              }
            ],
            "category": "architecture",
            "name": "noarch"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-jmods-11.0.20.0-3.61.1.ppc64le"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.20.0-3.61.1.ppc64le",
                "product": {
                  "name": "java-11-openjdk-src-11.0.20.0-3.61.1.ppc64le",
                  "product_id": "java-11-openjdk-src-11.0.20.0-3.61.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-11.0.20.0-3.61.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-jmods-11.0.20.0-3.61.1.s390x"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.20.0-3.61.1.s390x",
                "product": {
                  "name": "java-11-openjdk-src-11.0.20.0-3.61.1.s390x",
                  "product_id": "java-11-openjdk-src-11.0.20.0-3.61.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-11-openjdk-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-11.0.20.0-3.61.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-jmods-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-jmods-11.0.20.0-3.61.1.x86_64"
                }
              },
              {
                "category": "product_version",
                "name": "java-11-openjdk-src-11.0.20.0-3.61.1.x86_64",
                "product": {
                  "name": "java-11-openjdk-src-11.0.20.0-3.61.1.x86_64",
                  "product_id": "java-11-openjdk-src-11.0.20.0-3.61.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles:12:sp5"
                  }
                }
              },
              {
                "category": "product_name",
                "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                "product": {
                  "name": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sles_sap:12:sp5"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server 12 SP5",
          "product_id": "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64 as component of SUSE Linux Enterprise Server for SAP Applications 12 SP5",
          "product_id": "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        },
        "product_reference": "java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Enterprise Server for SAP Applications 12 SP5"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2023-22006",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22006"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22006",
          "url": "https://www.suse.com/security/cve/CVE-2023-22006"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213473 for CVE-2023-22006",
          "url": "https://bugzilla.suse.com/1213473"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2023-22006"
    },
    {
      "cve": "CVE-2023-22036",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22036"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22036",
          "url": "https://www.suse.com/security/cve/CVE-2023-22036"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213474 for CVE-2023-22036",
          "url": "https://bugzilla.suse.com/1213474"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2023-22036"
    },
    {
      "cve": "CVE-2023-22041",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22041"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22041",
          "url": "https://www.suse.com/security/cve/CVE-2023-22041"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213475 for CVE-2023-22041",
          "url": "https://bugzilla.suse.com/1213475"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "moderate"
        }
      ],
      "title": "CVE-2023-22041"
    },
    {
      "cve": "CVE-2023-22044",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22044"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22044",
          "url": "https://www.suse.com/security/cve/CVE-2023-22044"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213479 for CVE-2023-22044",
          "url": "https://bugzilla.suse.com/1213479"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2023-22044"
    },
    {
      "cve": "CVE-2023-22045",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22045"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22045",
          "url": "https://www.suse.com/security/cve/CVE-2023-22045"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213481 for CVE-2023-22045",
          "url": "https://bugzilla.suse.com/1213481"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2023-22045"
    },
    {
      "cve": "CVE-2023-22049",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-22049"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "unknown",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-22049",
          "url": "https://www.suse.com/security/cve/CVE-2023-22049"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213482 for CVE-2023-22049",
          "url": "https://bugzilla.suse.com/1213482"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "low"
        }
      ],
      "title": "CVE-2023-22049"
    },
    {
      "cve": "CVE-2023-25193",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2023-25193"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
          "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2023-25193",
          "url": "https://www.suse.com/security/cve/CVE-2023-25193"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1207922 for CVE-2023-25193",
          "url": "https://bugzilla.suse.com/1207922"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1213939 for CVE-2023-25193",
          "url": "https://bugzilla.suse.com/1213939"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-demo-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-devel-11.0.20.0-3.61.1.x86_64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.aarch64",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.ppc64le",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.s390x",
            "SUSE Linux Enterprise Server for SAP Applications 12 SP5:java-11-openjdk-headless-11.0.20.0-3.61.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2023-07-26T15:04:42Z",
          "details": "important"
        }
      ],
      "title": "CVE-2023-25193"
    }
  ]
}

CVE-2023-22044 (GCVE-0-2023-22044)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:8u371-perf Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.778Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2023-22044",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-09-13T16:29:00.942800Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2024-09-13T16:43:40.934Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371-perf"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).  Supported versions that are affected are Oracle Java SE: 8u371-perf, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-26T03:06:16.807Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22044",
    "datePublished": "2023-07-18T20:18:28.006Z",
    "dateReserved": "2022-12-17T19:26:00.754Z",
    "dateUpdated": "2025-02-13T16:43:30.316Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22036 (GCVE-0-2023-22036)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458
	https://www.debian.org/security/2023/dsa-5478
	https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:11.0.19 Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.10 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.789Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:11.0.19"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.10"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Utility).  Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-19T10:06:31.451Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5478"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22036",
    "datePublished": "2023-07-18T20:18:20.850Z",
    "dateReserved": "2022-12-17T19:26:00.753Z",
    "dateUpdated": "2025-02-13T16:43:28.142Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22006 (GCVE-0-2023-22006)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

3.1 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458
	https://www.debian.org/security/2023/dsa-5478
	https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:11.0.19 Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.10 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.529Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:11.0.19"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.10"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Networking).  Supported versions that are affected are Oracle Java SE: 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 3.1 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.1,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-19T10:06:18.688Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5478"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22006",
    "datePublished": "2023-07-18T20:18:06.679Z",
    "dateReserved": "2022-12-17T19:26:00.745Z",
    "dateUpdated": "2025-02-13T16:43:22.742Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-25193 (GCVE-0-2023-25193)

Vulnerability from cvelistv5

Published

2023-02-04 00:00

Modified

2025-03-25 20:23

Severity ?

7.5 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE

Summary

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks.

References

►

URL

Tags

	https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc
	https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361
	https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/	vendor-advisory
	https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T11:18:36.255Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
          },
          {
            "name": "FEDORA-2023-4e6353c6f7",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
          },
          {
            "name": "FEDORA-2023-a48406ecd2",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 7.5,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "NONE",
              "integrityImpact": "NONE",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2023-25193",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-03-25T20:22:18.099363Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-770",
                "description": "CWE-770 Allocation of Resources Without Limits or Throttling",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-03-25T20:23:16.167Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger O(n^2) growth via consecutive marks during the process of looking back for base glyphs when attaching marks."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-07-25T00:00:00.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "url": "https://github.com/harfbuzz/harfbuzz/commit/85be877925ddbf34f74a1229f3ca1716bb6170dc"
        },
        {
          "url": "https://chromium.googlesource.com/chromium/src/+/e1f324aa681af54101c1f2d173d92adb80e37088/DEPS#361"
        },
        {
          "url": "https://github.com/harfbuzz/harfbuzz/blob/2822b589bc837fae6f66233e2cf2eef0f6ce8470/src/hb-ot-layout-gsubgpos.hh"
        },
        {
          "name": "FEDORA-2023-4e6353c6f7",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KWCHWSICWVZSAXP2YAXM65JC2GR53547/"
        },
        {
          "name": "FEDORA-2023-a48406ecd2",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YZ5M2GSAIHFPLHYJXUPQ2QDJCLWXUGO3/"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2023-25193",
    "datePublished": "2023-02-04T00:00:00.000Z",
    "dateReserved": "2023-02-04T00:00:00.000Z",
    "dateUpdated": "2025-03-25T20:23:16.167Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22045 (GCVE-0-2023-22045)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458
	https://www.debian.org/security/2023/dsa-5478
	https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:8u371 Version: Oracle Java SE:8u371-perf Version: Oracle Java SE:11.0.19 Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.10 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.912Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371-perf"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:11.0.19"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.10"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).  Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "LOW",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-19T10:06:25.832Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5478"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22045",
    "datePublished": "2023-07-18T20:18:28.991Z",
    "dateReserved": "2022-12-17T19:26:00.754Z",
    "dateUpdated": "2025-02-13T16:43:30.946Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22049 (GCVE-0-2023-22049)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458
	https://www.debian.org/security/2023/dsa-5478
	https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html
	https://security.netapp.com/advisory/ntap-20240621-0006/

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:8u371 Version: Oracle Java SE:8u371-perf Version: Oracle Java SE:11.0.19 Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.10 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371-perf"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:11.0.19"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.10"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Libraries).  Supported versions that are affected are Oracle Java SE: 8u371, 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 3.7 (Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2024-06-21T19:07:14.476Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5478"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20240621-0006/"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22049",
    "datePublished": "2023-07-18T20:18:32.121Z",
    "dateReserved": "2022-12-17T19:26:00.755Z",
    "dateUpdated": "2025-02-13T16:43:32.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2023-22041 (GCVE-0-2023-22041)

Vulnerability from cvelistv5

Published

2023-07-18 20:18

Modified

2025-02-13 16:43

Severity ?

5.1 (Medium) - CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

CWE

Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.

Summary

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and 20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

References

►

URL

Tags

	https://www.oracle.com/security-alerts/cpujul2023.html	vendor-advisory
	https://security.netapp.com/advisory/ntap-20230725-0006/
	https://www.debian.org/security/2023/dsa-5458
	https://www.debian.org/security/2023/dsa-5478
	https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html

Impacted products

	Vendor	Product	Version
	Oracle Corporation	Java SE JDK and JRE	Version: Oracle Java SE:8u371-perf Version: Oracle Java SE:11.0.19 Version: Oracle Java SE:17.0.7 Version: Oracle Java SE:20.0.1 Version: Oracle GraalVM Enterprise Edition:20.3.10 Version: Oracle GraalVM Enterprise Edition:21.3.6 Version: Oracle GraalVM Enterprise Edition:22.3.2 Version: Oracle GraalVM for JDK:17.0.7 Version: Oracle GraalVM for JDK:20.0.1

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-02T09:59:28.638Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "Oracle Advisory",
            "tags": [
              "vendor-advisory",
              "x_transferred"
            ],
            "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5458"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://www.debian.org/security/2023/dsa-5478"
          },
          {
            "tags": [
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Java SE JDK and JRE",
          "vendor": "Oracle Corporation",
          "versions": [
            {
              "status": "affected",
              "version": "Oracle Java SE:8u371-perf"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:11.0.19"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle Java SE:20.0.1"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:20.3.10"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:21.3.6"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM Enterprise Edition:22.3.2"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:17.0.7"
            },
            {
              "status": "affected",
              "version": "Oracle GraalVM for JDK:20.0.1"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en-US",
          "value": "Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK product of Oracle Java SE (component: Hotspot).  Supported versions that are affected are Oracle Java SE: 8u371-perf, 11.0.19, 17.0.7, 20.0.1; Oracle GraalVM Enterprise Edition: 20.3.10, 21.3.6, 22.3.2; Oracle GraalVM for JDK: 17.0.7 and  20.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.1 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N)."
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "attackComplexity": "HIGH",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 5.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
            "version": "3.1"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK executes to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK.  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM Enterprise Edition, Oracle GraalVM for JDK accessible data.",
              "lang": "en-US"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2023-09-19T10:06:13.488Z",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "name": "Oracle Advisory",
          "tags": [
            "vendor-advisory"
          ],
          "url": "https://www.oracle.com/security-alerts/cpujul2023.html"
        },
        {
          "url": "https://security.netapp.com/advisory/ntap-20230725-0006/"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5458"
        },
        {
          "url": "https://www.debian.org/security/2023/dsa-5478"
        },
        {
          "url": "https://lists.debian.org/debian-lts-announce/2023/09/msg00018.html"
        }
      ]
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2023-22041",
    "datePublished": "2023-07-18T20:18:24.914Z",
    "dateReserved": "2022-12-17T19:26:00.754Z",
    "dateUpdated": "2025-02-13T16:43:29.220Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Tags

Taxonomy of the tags.

All sightings related to this event Export sightings related to this event

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

suse-su-2023:2990-1

Vulnerability from csaf_suse

CVE-2023-22044 (GCVE-0-2023-22044)

Vulnerability from cvelistv5

CVE-2023-22036 (GCVE-0-2023-22036)

Vulnerability from cvelistv5

CVE-2023-22006 (GCVE-0-2023-22006)

Vulnerability from cvelistv5

CVE-2023-25193 (GCVE-0-2023-25193)

Vulnerability from cvelistv5

CVE-2023-22045 (GCVE-0-2023-22045)

Vulnerability from cvelistv5

CVE-2023-22049 (GCVE-0-2023-22049)

Vulnerability from cvelistv5

CVE-2023-22041 (GCVE-0-2023-22041)

Vulnerability from cvelistv5

Tags

Sightings

Nomenclature