java-1.6.0-openjdk-demo vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the java-1.6.0-openjdk-demo package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Improper Input Validation	*
M CVE-2024-21131	*
M CVE-2024-21140	*
M Out-of-bounds Read	*
H CVE-2024-21147	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Integer Overflow or Wraparound	*
M Allocation of Resources Without Limits or Throttling	*
M Integer Overflow or Wraparound	*
M Allocation of Resources Without Limits or Throttling	*
M Deserialization of Untrusted Data	*
M Improper Use of Validation Framework	*
M Improper Output Neutralization for Logs	*
M Out-of-bounds Write	*
M Uncontrolled Memory Allocation	*
M Integer Overflow or Wraparound	*
M Improper Input Validation	*
H Covert Timing Channel	*
M Improper Input Validation	*
M Information Exposure Through Log Files	*
M Improper Input Validation	*
H Integer Overflow or Wraparound	*
M Improper Certificate Validation	*
M Deserialization of Untrusted Data	*
L Out-of-bounds Read	*
M Directory Traversal	*
L Improper Input Validation	*
M Improperly Implemented Security Check for Standard	*
M Improper Input Validation	*
L Improper Neutralization of Null Byte or NUL Character	*
M Information Exposure	*
L Improper Neutralization of Null Byte or NUL Character	*
H Improper Enforcement of Message Integrity During Transmission in a Communication Channel	*
L Reliance on File Name or Extension of Externally-Supplied File	*
M Deserialization of Untrusted Data	*
M Allocation of Resources Without Limits or Throttling	*
M Resource Exhaustion	*
L Use of Insufficiently Random Values	*
L Integer Coercion Error	*
H Integer Coercion Error	*
M Improper Access Control	*
M Resource Leak	*
M Improper Use of Validation Framework	*
H Incorrect Behavior Order: Early Validation	*
M Integer Underflow	*
M Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	*
M Resource Exhaustion	*
M Loop with Unreachable Exit Condition ('Infinite Loop')	*
M Improper Authorization	*
M Allocation of Resources Without Limits or Throttling	*
M Improper Use of Validation Framework	*
M Uncaught Exception	*
M Improper Cross-boundary Removal of Sensitive Data	*
H CVE-2016-5554	<1:1.6.0.41-1.13.13.1.el7_3
H Access of Resource Using Incompatible Type ('Type Confusion')	<1:1.6.0.41-1.13.13.1.el7_3
H Use of a Broken or Risky Cryptographic Algorithm	<1:1.6.0.41-1.13.13.1.el7_3
H Cleartext Transmission of Sensitive Information	<1:1.6.0.41-1.13.13.1.el7_3
H Improper Input Validation	<1:1.6.0.41-1.13.13.1.el7_3
H Allocation of Resources Without Limits or Throttling	<1:1.6.0.40-1.13.12.5.el7_2
H Allocation of Resources Without Limits or Throttling	<1:1.6.0.40-1.13.12.5.el7_2
H CVE-2016-3458	<1:1.6.0.40-1.13.12.5.el7_2
H Integer Overflow or Wraparound	<1:1.6.0.40-1.13.12.5.el7_2
H CVE-2016-3606	<1:1.6.0.40-1.13.12.5.el7_2
C CVE-2016-3427	<1:1.6.0.39-1.13.11.0.el7_2
C CVE-2016-0687	<1:1.6.0.39-1.13.11.0.el7_2
C CVE-2016-3425	<1:1.6.0.39-1.13.11.0.el7_2
C CVE-2016-0686	<1:1.6.0.39-1.13.11.0.el7_2
C CVE-2016-0695	<1:1.6.0.39-1.13.11.0.el7_2
H Incorrect Conversion between Numeric Types	<1:1.6.0.38-1.13.10.0.el7_2
H CVE-2016-0402	<1:1.6.0.38-1.13.10.0.el7_2
H CVE-2016-0466	<1:1.6.0.38-1.13.10.0.el7_2
H Out-of-bounds Write	<1:1.6.0.38-1.13.10.0.el7_2
H Information Exposure Through Log Files	<1:1.6.0.38-1.13.10.0.el7_2
H CVE-2015-4844	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4883	<1:1.6.0.37-1.13.9.4.el7_1
H Information Exposure	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4882	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4911	<1:1.6.0.37-1.13.9.4.el7_1
H Algorithmic Complexity	<1:1.6.0.37-1.13.9.4.el7_1
H Information Exposure	<1:1.6.0.37-1.13.9.4.el7_1
H Incorrect Conversion between Numeric Types	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4835	<1:1.6.0.37-1.13.9.4.el7_1
H Allocation of Resources Without Limits or Throttling	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4860	<1:1.6.0.37-1.13.9.4.el7_1
H Improper Initialization	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4881	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4903	<1:1.6.0.37-1.13.9.4.el7_1
H Improper Input Validation	<1:1.6.0.37-1.13.9.4.el7_1
H CVE-2015-4872	<1:1.6.0.37-1.13.9.4.el7_1
H Improper Certificate Validation	<1:1.6.0.36-1.13.8.1.el7_1
H Out-of-bounds Write	<1:1.6.0.36-1.13.8.1.el7_1
H CVE-2015-2621	<1:1.6.0.36-1.13.8.1.el7_1
H Improper Check for Certificate Revocation	<1:1.6.0.36-1.13.8.1.el7_1
H Access of Resource Using Incompatible Type ('Type Confusion')	<1:1.6.0.36-1.13.8.1.el7_1
H CVE-2015-4733	<1:1.6.0.36-1.13.8.1.el7_1
H Missing Release of Resource after Effective Lifetime	<1:1.6.0.36-1.13.8.1.el7_1
H Covert Timing Channel	<1:1.6.0.36-1.13.8.1.el7_1
H CVE-2015-2590	<1:1.6.0.36-1.13.8.1.el7_1
H Integer Overflow or Wraparound	<1:1.6.0.36-1.13.8.1.el7_1
H Unsynchronized Access to Shared Data in a Multithreaded Context	<1:1.6.0.36-1.13.8.1.el7_1
H CVE-2015-4731	<1:1.6.0.36-1.13.8.1.el7_1
H Use of a Broken or Risky Cryptographic Algorithm	<1:1.6.0.36-1.13.8.1.el7_1
H Use of a Broken or Risky Cryptographic Algorithm	<1:1.6.0.36-1.13.8.1.el7_1
H Directory Traversal	<1:1.6.0.35-1.13.7.1.el7_1
H Uncaught Exception	<1:1.6.0.35-1.13.7.1.el7_1
H Off-by-one Error	<1:1.6.0.35-1.13.7.1.el7_1
H Directory Traversal	<1:1.6.0.35-1.13.7.1.el7_1
H CVE-2015-0460	<1:1.6.0.35-1.13.7.1.el7_1
H CVE-2015-0477	<1:1.6.0.35-1.13.7.1.el7_1
H Improperly Implemented Security Check for Standard	<1:1.6.0.35-1.13.7.1.el7_1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2014-6593	<1:1.6.0.34-1.13.6.1.el7_0
H Out-of-bounds Read	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2015-0408	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2015-0407	<1:1.6.0.34-1.13.6.1.el7_0
H NULL Pointer Dereference	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2015-0395	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2014-6601	<1:1.6.0.34-1.13.6.1.el7_0
H Insecure Temporary File	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2015-0412	<1:1.6.0.34-1.13.6.1.el7_0
H Out-of-bounds Read	<1:1.6.0.34-1.13.6.1.el7_0
H Not Failing Securely ('Failing Open')	<1:1.6.0.34-1.13.6.1.el7_0
H CVE-2014-6506	<1:1.6.0.33-1.13.5.0.el7_0
H Insufficient Verification of Data Authenticity	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6504	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6502	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6511	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6517	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6519	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6531	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6457	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-6558	<1:1.6.0.33-1.13.5.0.el7_0
H CVE-2014-4252	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4216	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4209	<1:1.6.0.0-6.1.13.4.el7_0
H Use of Externally-Controlled Format String	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4263	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4218	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4262	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4219	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4244	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-4266	<1:1.6.0.0-6.1.13.4.el7_0
H CVE-2014-2414	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2421	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0453	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0452	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0460	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0429	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2397	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0461	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2398	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2412	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0457	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0458	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2427	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0446	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2423	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-2403	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0456	<1:1.6.0.0-6.1.13.3.el7_0
H CVE-2014-0451	<1:1.6.0.0-6.1.13.3.el7_0
H Insecure Temporary File	<1:1.6.0.0-6.1.13.3.el7_0

Vulnerability

Vulnerable Version

Improper Input Validation

Loop with Unreachable Exit Condition ('Infinite Loop')

Integer Overflow or Wraparound

Allocation of Resources Without Limits or Throttling

Integer Overflow or Wraparound

Allocation of Resources Without Limits or Throttling

Deserialization of Untrusted Data

Improper Use of Validation Framework

Improper Output Neutralization for Logs

Out-of-bounds Write

Uncontrolled Memory Allocation

Integer Overflow or Wraparound

Improper Input Validation

Covert Timing Channel

Improper Input Validation

Information Exposure Through Log Files

Improper Input Validation

Integer Overflow or Wraparound

Improper Certificate Validation

Deserialization of Untrusted Data

Out-of-bounds Read

Directory Traversal

Improper Input Validation

Improperly Implemented Security Check for Standard

Improper Input Validation

Improper Neutralization of Null Byte or NUL Character

Information Exposure

Improper Neutralization of Null Byte or NUL Character

Improper Enforcement of Message Integrity During Transmission in a Communication Channel

Reliance on File Name or Extension of Externally-Supplied File

Deserialization of Untrusted Data

Allocation of Resources Without Limits or Throttling

Resource Exhaustion

Use of Insufficiently Random Values

Integer Coercion Error

Improper Access Control

Resource Leak

Improper Use of Validation Framework

Incorrect Behavior Order: Early Validation

Integer Underflow

Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

Resource Exhaustion

Loop with Unreachable Exit Condition ('Infinite Loop')

Improper Authorization

Allocation of Resources Without Limits or Throttling

Improper Use of Validation Framework

Uncaught Exception

Improper Cross-boundary Removal of Sensitive Data

CVE-2016-5554

<1:1.6.0.41-1.13.13.1.el7_3

Access of Resource Using Incompatible Type ('Type Confusion')

<1:1.6.0.41-1.13.13.1.el7_3

Use of a Broken or Risky Cryptographic Algorithm

<1:1.6.0.41-1.13.13.1.el7_3

Cleartext Transmission of Sensitive Information

<1:1.6.0.41-1.13.13.1.el7_3

Improper Input Validation

<1:1.6.0.41-1.13.13.1.el7_3

Allocation of Resources Without Limits or Throttling

<1:1.6.0.40-1.13.12.5.el7_2

Allocation of Resources Without Limits or Throttling

<1:1.6.0.40-1.13.12.5.el7_2

CVE-2016-3458

<1:1.6.0.40-1.13.12.5.el7_2

Integer Overflow or Wraparound

<1:1.6.0.40-1.13.12.5.el7_2

CVE-2016-3606

<1:1.6.0.40-1.13.12.5.el7_2

CVE-2016-3427

<1:1.6.0.39-1.13.11.0.el7_2

CVE-2016-0687

<1:1.6.0.39-1.13.11.0.el7_2

CVE-2016-3425

<1:1.6.0.39-1.13.11.0.el7_2

CVE-2016-0686

<1:1.6.0.39-1.13.11.0.el7_2

CVE-2016-0695

<1:1.6.0.39-1.13.11.0.el7_2

Incorrect Conversion between Numeric Types

<1:1.6.0.38-1.13.10.0.el7_2

CVE-2016-0402

<1:1.6.0.38-1.13.10.0.el7_2

CVE-2016-0466

<1:1.6.0.38-1.13.10.0.el7_2

Out-of-bounds Write

<1:1.6.0.38-1.13.10.0.el7_2

Information Exposure Through Log Files

<1:1.6.0.38-1.13.10.0.el7_2

CVE-2015-4844

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4883

<1:1.6.0.37-1.13.9.4.el7_1

Information Exposure

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4882

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4911

<1:1.6.0.37-1.13.9.4.el7_1

Algorithmic Complexity

<1:1.6.0.37-1.13.9.4.el7_1

Information Exposure

<1:1.6.0.37-1.13.9.4.el7_1

Incorrect Conversion between Numeric Types

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4835

<1:1.6.0.37-1.13.9.4.el7_1

Allocation of Resources Without Limits or Throttling

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4860

<1:1.6.0.37-1.13.9.4.el7_1

Improper Initialization

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4881

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4903

<1:1.6.0.37-1.13.9.4.el7_1

Improper Input Validation

<1:1.6.0.37-1.13.9.4.el7_1

CVE-2015-4872

<1:1.6.0.37-1.13.9.4.el7_1

Improper Certificate Validation

<1:1.6.0.36-1.13.8.1.el7_1

Out-of-bounds Write

<1:1.6.0.36-1.13.8.1.el7_1

CVE-2015-2621

<1:1.6.0.36-1.13.8.1.el7_1

Improper Check for Certificate Revocation

<1:1.6.0.36-1.13.8.1.el7_1

Access of Resource Using Incompatible Type ('Type Confusion')

<1:1.6.0.36-1.13.8.1.el7_1

CVE-2015-4733

<1:1.6.0.36-1.13.8.1.el7_1

Missing Release of Resource after Effective Lifetime

<1:1.6.0.36-1.13.8.1.el7_1

Covert Timing Channel

<1:1.6.0.36-1.13.8.1.el7_1

CVE-2015-2590

<1:1.6.0.36-1.13.8.1.el7_1

Integer Overflow or Wraparound

<1:1.6.0.36-1.13.8.1.el7_1

Unsynchronized Access to Shared Data in a Multithreaded Context

<1:1.6.0.36-1.13.8.1.el7_1

CVE-2015-4731

<1:1.6.0.36-1.13.8.1.el7_1

Use of a Broken or Risky Cryptographic Algorithm

<1:1.6.0.36-1.13.8.1.el7_1

Use of a Broken or Risky Cryptographic Algorithm

<1:1.6.0.36-1.13.8.1.el7_1

Directory Traversal

<1:1.6.0.35-1.13.7.1.el7_1

Uncaught Exception

<1:1.6.0.35-1.13.7.1.el7_1

Off-by-one Error

<1:1.6.0.35-1.13.7.1.el7_1

Directory Traversal

<1:1.6.0.35-1.13.7.1.el7_1

CVE-2015-0460

<1:1.6.0.35-1.13.7.1.el7_1

CVE-2015-0477

<1:1.6.0.35-1.13.7.1.el7_1

Improperly Implemented Security Check for Standard

<1:1.6.0.35-1.13.7.1.el7_1

Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2014-6593

<1:1.6.0.34-1.13.6.1.el7_0

Out-of-bounds Read

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2015-0408

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2015-0407

<1:1.6.0.34-1.13.6.1.el7_0

NULL Pointer Dereference

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2015-0395

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2014-6601

<1:1.6.0.34-1.13.6.1.el7_0

Insecure Temporary File

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2015-0412

<1:1.6.0.34-1.13.6.1.el7_0

Out-of-bounds Read

<1:1.6.0.34-1.13.6.1.el7_0

Not Failing Securely ('Failing Open')

<1:1.6.0.34-1.13.6.1.el7_0

CVE-2014-6506

<1:1.6.0.33-1.13.5.0.el7_0

Insufficient Verification of Data Authenticity

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6504

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6502

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6511

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6517

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6519

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6531

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6457

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-6558

<1:1.6.0.33-1.13.5.0.el7_0

CVE-2014-4252

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4216

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4209

<1:1.6.0.0-6.1.13.4.el7_0

Use of Externally-Controlled Format String

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4263

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4218

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4262

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4219

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4244

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-4266

<1:1.6.0.0-6.1.13.4.el7_0

CVE-2014-2414

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2421

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0453

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0452

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0460

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0429

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2397

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0461

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2398

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2412

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0457

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0458

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2427

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0446

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2423

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-2403

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0456

<1:1.6.0.0-6.1.13.3.el7_0

CVE-2014-0451

<1:1.6.0.0-6.1.13.3.el7_0

Insecure Temporary File

<1:1.6.0.0-6.1.13.3.el7_0