java-1.8.0-openjdk-javadoc-zip vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the java-1.8.0-openjdk-javadoc-zip package. This does not include vulnerabilities belonging to this package’s dependencies.

How to fix?

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free
VulnerabilityVulnerable Version
  • M
Out-of-bounds Write

<1:1.8.0.412.b08-1.el7_9
  • M
Integer Overflow or Wraparound

<1:1.8.0.412.b08-1.el7_9
  • M
Improper Output Neutralization for Logs

<1:1.8.0.412.b08-1.el7_9
  • M
Uncontrolled Memory Allocation

<1:1.8.0.412.b08-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.402.b06-1.el7_9
  • H
Covert Timing Channel

<1:1.8.0.402.b06-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.402.b06-1.el7_9
  • H
Information Exposure Through Log Files

<1:1.8.0.402.b06-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.402.b06-1.el7_9
  • H
Integer Overflow or Wraparound

<1:1.8.0.402.b06-1.el7_9
  • M
Improper Certificate Validation

<1:1.8.0.392.b08-2.el7_9
  • M
Deserialization of Untrusted Data

<1:1.8.0.392.b08-2.el7_9
  • M
Out-of-bounds Read

<1:1.8.0.382.b05-1.el7_9
  • M
Directory Traversal

<1:1.8.0.382.b05-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.372.b07-1.el7_9
  • H
Improperly Implemented Security Check for Standard

<1:1.8.0.372.b07-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.372.b07-1.el7_9
  • H
Improper Neutralization of Null Byte or NUL Character

<1:1.8.0.372.b07-1.el7_9
  • H
Information Exposure

<1:1.8.0.372.b07-1.el7_9
  • H
Improper Neutralization of Null Byte or NUL Character

<1:1.8.0.372.b07-1.el7_9
  • H
Improper Enforcement of Message Integrity During Transmission in a Communication Channel

<1:1.8.0.372.b07-1.el7_9
  • M
Reliance on File Name or Extension of Externally-Supplied File

<1:1.8.0.362.b08-1.el7_9
  • M
Deserialization of Untrusted Data

<1:1.8.0.362.b08-1.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.352.b08-2.el7_9
  • M
Resource Exhaustion

<1:1.8.0.352.b08-2.el7_9
  • M
Use of Insufficiently Random Values

<1:1.8.0.352.b08-2.el7_9
  • M
Integer Coercion Error

<1:1.8.0.352.b08-2.el7_9
  • H
Integer Coercion Error

<1:1.8.0.342.b07-1.el7_9
  • H
Improper Access Control

<1:1.8.0.342.b07-1.el7_9
  • H
Resource Leak

<1:1.8.0.342.b07-1.el7_9
  • M
CVE-2017-10176

*
  • M
Covert Timing Channel

*
  • H
Improper Use of Validation Framework

<1:1.8.0.332.b09-1.el7_9
  • H
Incorrect Behavior Order: Early Validation

<1:1.8.0.332.b09-1.el7_9
  • H
Integer Underflow

<1:1.8.0.332.b09-1.el7_9
  • H
Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')

<1:1.8.0.332.b09-1.el7_9
  • H
Resource Exhaustion

<1:1.8.0.332.b09-1.el7_9
  • M
Integer Overflow or Wraparound

<1:1.8.0.322.b06-1.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.322.b06-1.el7_9
  • M
Improper Use of Validation Framework

<1:1.8.0.322.b06-1.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.322.b06-1.el7_9
  • M
Integer Overflow or Wraparound

<1:1.8.0.322.b06-1.el7_9
  • M
Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.8.0.322.b06-1.el7_9
  • M
Improper Authorization

<1:1.8.0.322.b06-1.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.322.b06-1.el7_9
  • M
Improper Use of Validation Framework

<1:1.8.0.322.b06-1.el7_9
  • M
Uncaught Exception

<1:1.8.0.322.b06-1.el7_9
  • M
Improper Cross-boundary Removal of Sensitive Data

<1:1.8.0.322.b06-1.el7_9
  • M
Deserialization of Untrusted Data

<1:1.8.0.322.b06-1.el7_9
  • H
Information Exposure

<1:1.8.0.312.b07-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.312.b07-1.el7_9
  • H
NULL Pointer Dereference

<1:1.8.0.312.b07-1.el7_9
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.312.b07-1.el7_9
  • H
Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.8.0.312.b07-1.el7_9
  • H
Incorrect Authorization

<1:1.8.0.312.b07-1.el7_9
  • H
Improper Input Validation

<1:1.8.0.312.b07-1.el7_9
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.312.b07-1.el7_9
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.312.b07-1.el7_9
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.312.b07-1.el7_9
  • H
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.312.b07-1.el7_9
  • C
Untrusted Search Path

<1:1.8.0.191.b12-0.el7_5
  • C
Information Exposure

<1:1.8.0.191.b12-0.el7_5
  • C
Improper Access Control

<1:1.8.0.191.b12-0.el7_5
  • C
Improper Certificate Validation

<1:1.8.0.191.b12-0.el7_5
  • C
Loop with Unreachable Exit Condition ('Infinite Loop')

<1:1.8.0.191.b12-0.el7_5
  • C
Improper Verification of Cryptographic Signature

<1:1.8.0.191.b12-0.el7_5
  • C
Improper Access Control

<1:1.8.0.191.b12-0.el7_5
  • H
Information Exposure

<1:1.8.0.302.b08-0.el7_9
  • H
Improper Verification of Cryptographic Signature

<1:1.8.0.302.b08-0.el7_9
  • H
Insufficient Comparison

<1:1.8.0.302.b08-0.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.181-3.b13.el7_5
  • H
Sensitive Information Uncleared Before Release

<1:1.8.0.171-8.b10.el7_5
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • C
CVE-2018-2814

<1:1.8.0.171-7.b10.el7
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • C
Deserialization of Untrusted Data

<1:1.8.0.171-7.b10.el7
  • C
CVE-2018-2800

<1:1.8.0.171-7.b10.el7
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • C
Improper Verification of Cryptographic Signature

<1:1.8.0.171-7.b10.el7
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.171-7.b10.el7
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.161-0.b14.el7_4
  • H
Unsynchronized Access to Shared Data in a Multithreaded Context

<1:1.8.0.161-0.b14.el7_4
  • H
Untrusted Search Path

<1:1.8.0.161-0.b14.el7_4
  • H
Deserialization of Untrusted Data

<1:1.8.0.161-0.b14.el7_4
  • H
CVE-2018-2582

<1:1.8.0.161-0.b14.el7_4
  • H
Improper Access Control

<1:1.8.0.161-0.b14.el7_4
  • H
Improper Input Validation

<1:1.8.0.161-0.b14.el7_4
  • H
Use After Free

<1:1.8.0.161-0.b14.el7_4
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.161-0.b14.el7_4
  • H
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.161-0.b14.el7_4
  • H
Use of Insufficiently Random Values

<1:1.8.0.161-0.b14.el7_4
  • H
Improper Input Validation

<1:1.8.0.161-0.b14.el7_4
  • H
LDAP Injection

<1:1.8.0.161-0.b14.el7_4
  • H
Use After Free

<1:1.8.0.161-0.b14.el7_4
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.161-0.b14.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
CVE-2017-10355

<1:1.8.0.151-1.b12.el7_4
  • C
Insufficient Verification of Data Authenticity

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
CVE-2017-10274

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
CVE-2017-10346

<1:1.8.0.151-1.b12.el7_4
  • C
CVE-2017-10285

<1:1.8.0.151-1.b12.el7_4
  • C
HTTP Response Splitting

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.151-1.b12.el7_4
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.292.b10-1.el7_9
  • C
CVE-2017-10096

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10090

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10067

<1:1.8.0.141-1.b16.el7_3
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10110

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10101

<1:1.8.0.141-1.b16.el7_3
  • C
Covert Timing Channel

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10102

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10193

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10107

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10198

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10078

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10116

<1:1.8.0.141-1.b16.el7_3
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10081

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10243

<1:1.8.0.141-1.b16.el7_3
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.141-1.b16.el7_3
  • C
Integer Overflow or Wraparound

<1:1.8.0.141-1.b16.el7_3
  • C
Out-of-Bounds

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10087

<1:1.8.0.141-1.b16.el7_3
  • C
CVE-2017-10089

<1:1.8.0.141-1.b16.el7_3
  • C
Covert Timing Channel

<1:1.8.0.141-1.b16.el7_3
  • M
Improper Input Validation

<1:1.8.0.131-2.b11.el7_3
  • M
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.131-2.b11.el7_3
  • M
Improper Input Validation

<1:1.8.0.131-2.b11.el7_3
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.131-2.b11.el7_3
  • M
Improper Authentication

<1:1.8.0.131-2.b11.el7_3
  • M
Untrusted Search Path

<1:1.8.0.131-2.b11.el7_3
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.121-0.b13.el7_3
  • C
CVE-2017-3272

<1:1.8.0.121-0.b13.el7_3
  • C
Information Exposure

<1:1.8.0.121-0.b13.el7_3
  • C
Integer Overflow or Wraparound

<1:1.8.0.121-0.b13.el7_3
  • C
CVE-2017-3289

<1:1.8.0.121-0.b13.el7_3
  • C
Deserialization of Untrusted Data

<1:1.8.0.121-0.b13.el7_3
  • C
Improper Input Validation

<1:1.8.0.121-0.b13.el7_3
  • C
Improper Input Validation

<1:1.8.0.121-0.b13.el7_3
  • C
Allocation of Resources Without Limits or Throttling

<1:1.8.0.121-0.b13.el7_3
  • C
Covert Timing Channel

<1:1.8.0.121-0.b13.el7_3
  • C
Improper Input Validation

<1:1.8.0.121-0.b13.el7_3
  • M
Integer Overflow or Wraparound

<1:1.8.0.272.b10-1.el7_9
  • M
Improper Certificate Validation

<1:1.8.0.272.b10-1.el7_9
  • M
Cleartext Transmission of Sensitive Information

<1:1.8.0.272.b10-1.el7_9
  • M
CVE-2020-14796

<1:1.8.0.272.b10-1.el7_9
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.272.b10-1.el7_9
  • M
Improper Input Validation

<1:1.8.0.272.b10-1.el7_9
  • M
Time-of-check Time-of-use (TOCTOU)

<1:1.8.0.272.b10-1.el7_9
  • H
Uncaught Exception

<1:1.8.0.262.b10-0.el7_8
  • H
Uncaught Exception

<1:1.8.0.262.b10-0.el7_8
  • H
Out-of-Bounds

<1:1.8.0.262.b10-0.el7_8
  • H
Improper Input Validation

<1:1.8.0.262.b10-0.el7_8
  • H
CVE-2020-14577

<1:1.8.0.262.b10-0.el7_8
  • H
Out-of-Bounds

<1:1.8.0.262.b10-0.el7_8
  • H
CVE-2020-14556

<1:1.8.0.262.b10-0.el7_8
  • H
Out-of-Bounds

<1:1.8.0.252.b09-2.el7_8
  • H
Uncaught Exception

<1:1.8.0.252.b09-2.el7_8
  • H
Improper Input Validation

<1:1.8.0.252.b09-2.el7_8
  • H
CVE-2020-2781

<1:1.8.0.252.b09-2.el7_8
  • H
Uncaught Exception

<1:1.8.0.252.b09-2.el7_8
  • H
Uncaught Exception

<1:1.8.0.252.b09-2.el7_8
  • H
Uncaught Exception

<1:1.8.0.252.b09-2.el7_8
  • H
HTTP Response Splitting

<1:1.8.0.252.b09-2.el7_8
  • H
Uncaught Exception

<1:1.8.0.252.b09-2.el7_8
  • H
Incorrect Regular Expression

<1:1.8.0.252.b09-2.el7_8
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.242.b08-0.el7_7
  • H
Use of a Broken or Risky Cryptographic Algorithm

<1:1.8.0.242.b08-0.el7_7
  • H
Encoding Error

<1:1.8.0.242.b08-0.el7_7
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.242.b08-0.el7_7
  • H
Modification of Assumed-Immutable Data (MAID)

<1:1.8.0.242.b08-0.el7_7
  • H
Improper Input Validation

<1:1.8.0.242.b08-0.el7_7
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.242.b08-0.el7_7
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.232.b09-0.el7_7
  • H
Cross-site Scripting (XSS)

<1:1.8.0.232.b09-0.el7_7
  • H
Uncaught Exception

<1:1.8.0.232.b09-0.el7_7
  • H
CVE-2019-2945

<1:1.8.0.232.b09-0.el7_7
  • H
Uncaught Exception

<1:1.8.0.232.b09-0.el7_7
  • H
Uncaught Exception

<1:1.8.0.232.b09-0.el7_7
  • H
Integer Overflow or Wraparound

<1:1.8.0.232.b09-0.el7_7
  • H
Uncaught Exception

<1:1.8.0.232.b09-0.el7_7
  • H
Uncaught Exception

<1:1.8.0.232.b09-0.el7_7
  • H
CVE-2019-2978

<1:1.8.0.232.b09-0.el7_7
  • H
Cross-site Scripting (XSS)

<1:1.8.0.232.b09-0.el7_7
  • H
Insufficiently Protected Credentials

<1:1.8.0.232.b09-0.el7_7
  • H
NULL Pointer Dereference

<1:1.8.0.232.b09-0.el7_7
  • H
Improper Input Validation

<1:1.8.0.232.b09-0.el7_7
  • M
CVE-2019-2762

<1:1.8.0.222.b10-0.el7_6
  • M
Covert Timing Channel

<1:1.8.0.222.b10-0.el7_6
  • M
Allocation of Resources Without Limits or Throttling

<1:1.8.0.222.b10-0.el7_6
  • M
Improper Input Validation

<1:1.8.0.222.b10-0.el7_6
  • M
CVE-2019-2786

<1:1.8.0.222.b10-0.el7_6
  • M
Out-of-Bounds

<1:1.8.0.222.b10-0.el7_6
  • M
Information Exposure

<1:1.8.0.201.b09-0.el7_6
  • H
Out-of-bounds Write

<1:1.8.0.212.b04-0.el7_6
  • H
CVE-2019-2684

<1:1.8.0.212.b04-0.el7_6
  • H
Allocation of Resources Without Limits or Throttling

<1:1.8.0.212.b04-0.el7_6