java-11-openjdk-src vulnerabilities

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the java-11-openjdk-src package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
M Improper Output Neutralization for Logs	<1:11.0.23.0.9-2.el7_9
M Out-of-bounds Write	<1:11.0.23.0.9-2.el7_9
M Reliance on Reverse DNS Resolution for a Security-Critical Action	<1:11.0.23.0.9-2.el7_9
M Uncontrolled Memory Allocation	<1:11.0.23.0.9-2.el7_9
M Integer Overflow or Wraparound	<1:11.0.23.0.9-2.el7_9
H Improper Input Validation	<1:11.0.22.0.7-1.el7_9
H Covert Timing Channel	<1:11.0.22.0.7-1.el7_9
H Information Exposure Through Log Files	<1:11.0.22.0.7-1.el7_9
H Improper Input Validation	<1:11.0.22.0.7-1.el7_9
H Improper Input Validation	<1:11.0.22.0.7-1.el7_9
H Integer Overflow or Wraparound	<1:11.0.22.0.7-1.el7_9
M Improper Certificate Validation	<1:11.0.21.0.9-1.el7_9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:11.0.20.0.8-1.el7_9
M Small Space of Random Values	<1:11.0.20.0.8-1.el7_9
M Out-of-bounds Read	<1:11.0.20.0.8-1.el7_9
M Directory Traversal	<1:11.0.20.0.8-1.el7_9
M Directory Traversal	<1:11.0.20.0.8-1.el7_9
H Improper Input Validation	<1:11.0.19.0.7-1.el7_9
H Improperly Implemented Security Check for Standard	<1:11.0.19.0.7-1.el7_9
H Improper Input Validation	<1:11.0.19.0.7-1.el7_9
H Improper Neutralization of Null Byte or NUL Character	<1:11.0.19.0.7-1.el7_9
H Information Exposure	<1:11.0.19.0.7-1.el7_9
H Improper Neutralization of Null Byte or NUL Character	<1:11.0.19.0.7-1.el7_9
H Improper Enforcement of Message Integrity During Transmission in a Communication Channel	<1:11.0.19.0.7-1.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.20.0.8-1.el7_9
M Resource Exhaustion	<1:11.0.18.0.10-1.el7_9
M Reliance on File Name or Extension of Externally-Supplied File	<1:11.0.18.0.10-1.el7_9
M Authentication Bypass	<1:11.0.17.0.8-2.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.17.0.8-2.el7_9
M Resource Exhaustion	<1:11.0.17.0.8-2.el7_9
M Use of Insufficiently Random Values	<1:11.0.17.0.8-2.el7_9
M Integer Coercion Error	<1:11.0.17.0.8-2.el7_9
M Buffer Overflow	<1:11.0.17.0.8-2.el7_9
H Integer Coercion Error	<1:11.0.16.0.8-1.el7_9
H Improper Access Control	<1:11.0.16.0.8-1.el7_9
H Resource Leak	<1:11.0.16.0.8-1.el7_9
H Improper Use of Validation Framework	<1:11.0.15.0.9-2.el7_9
H Incorrect Behavior Order: Early Validation	<1:11.0.15.0.9-2.el7_9
H Integer Underflow	<1:11.0.15.0.9-2.el7_9
H Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection')	<1:11.0.15.0.9-2.el7_9
H Resource Exhaustion	<1:11.0.15.0.9-2.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.14.0.9-1.el7_9
M Integer Overflow or Wraparound	<1:11.0.14.0.9-1.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.14.0.9-1.el7_9
M Improper Use of Validation Framework	<1:11.0.14.0.9-1.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.14.0.9-1.el7_9
M Integer Overflow or Wraparound	<1:11.0.14.0.9-1.el7_9
M Loop with Unreachable Exit Condition ('Infinite Loop')	<1:11.0.14.0.9-1.el7_9
M Improper Authorization	<1:11.0.14.0.9-1.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.14.0.9-1.el7_9
M Improper Use of Validation Framework	<1:11.0.14.0.9-1.el7_9
M Out-of-bounds Write	<1:11.0.14.0.9-1.el7_9
M Uncaught Exception	<1:11.0.14.0.9-1.el7_9
M Improper Cross-boundary Removal of Sensitive Data	<1:11.0.14.0.9-1.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.14.0.9-1.el7_9
M Deserialization of Untrusted Data	<1:11.0.14.0.9-1.el7_9
H Information Exposure	<1:11.0.13.0.8-1.el7_9
H NULL Pointer Dereference	<1:11.0.13.0.8-1.el7_9
H Allocation of Resources Without Limits or Throttling	<1:11.0.13.0.8-1.el7_9
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:11.0.13.0.8-1.el7_9
H Incorrect Authorization	<1:11.0.13.0.8-1.el7_9
H Improper Input Validation	<1:11.0.13.0.8-1.el7_9
H Allocation of Resources Without Limits or Throttling	<1:11.0.13.0.8-1.el7_9
H Allocation of Resources Without Limits or Throttling	<1:11.0.13.0.8-1.el7_9
H Allocation of Resources Without Limits or Throttling	<1:11.0.13.0.8-1.el7_9
H Use of a Broken or Risky Cryptographic Algorithm	<1:11.0.13.0.8-1.el7_9
C CVE-2018-3150	<1:11.0.1.13-3.el7_6
C Untrusted Search Path	<1:11.0.1.13-3.el7_6
C Information Exposure	<1:11.0.1.13-3.el7_6
C Improper Access Control	<1:11.0.1.13-3.el7_6
C Improper Certificate Validation	<1:11.0.1.13-3.el7_6
C Improper Verification of Cryptographic Signature	<1:11.0.1.13-3.el7_6
C Improper Access Control	<1:11.0.1.13-3.el7_6
H Information Exposure	<1:11.0.12.0.7-0.el7_9
H Improper Verification of Cryptographic Signature	<1:11.0.12.0.7-0.el7_9
H Insufficient Comparison	<1:11.0.12.0.7-0.el7_9
M Use of a Broken or Risky Cryptographic Algorithm	<1:11.0.11.0.9-1.el7_9
M Integer Overflow or Wraparound	<1:11.0.9.11-0.el7_9
M Improper Certificate Validation	<1:11.0.9.11-0.el7_9
M Cleartext Transmission of Sensitive Information	<1:11.0.9.11-0.el7_9
M CVE-2020-14796	<1:11.0.9.11-0.el7_9
M Allocation of Resources Without Limits or Throttling	<1:11.0.9.11-0.el7_9
M Improper Input Validation	<1:11.0.9.11-0.el7_9
M Time-of-check Time-of-use (TOCTOU)	<1:11.0.9.11-0.el7_9
H CVE-2020-14573	<1:11.0.8.10-0.el7_8
H Allocation of Resources Without Limits or Throttling	<1:11.0.8.10-0.el7_8
H Out-of-Bounds	<1:11.0.8.10-0.el7_8
H Improper Input Validation	<1:11.0.8.10-0.el7_8
H CVE-2020-14577	<1:11.0.8.10-0.el7_8
H Out-of-Bounds	<1:11.0.8.10-0.el7_8
H CVE-2020-14556	<1:11.0.8.10-0.el7_8
H Use of a Broken or Risky Cryptographic Algorithm	<1:11.0.7.10-4.el7_8
H Out-of-Bounds	<1:11.0.7.10-4.el7_8
H Uncaught Exception	<1:11.0.7.10-4.el7_8
H Improperly Implemented Security Check for Standard	<1:11.0.7.10-4.el7_8
H Improper Input Validation	<1:11.0.7.10-4.el7_8
H Improperly Implemented Security Check for Standard	<1:11.0.7.10-4.el7_8
H CVE-2020-2781	<1:11.0.7.10-4.el7_8
H Uncaught Exception	<1:11.0.7.10-4.el7_8
H Uncaught Exception	<1:11.0.7.10-4.el7_8
H Uncaught Exception	<1:11.0.7.10-4.el7_8
H HTTP Response Splitting	<1:11.0.7.10-4.el7_8
H Uncaught Exception	<1:11.0.7.10-4.el7_8
H Incorrect Regular Expression	<1:11.0.7.10-4.el7_8
H Use of a Broken or Risky Cryptographic Algorithm	<1:11.0.6.10-1.el7_7
H Encoding Error	<1:11.0.6.10-1.el7_7
H Allocation of Resources Without Limits or Throttling	<1:11.0.6.10-1.el7_7
H Modification of Assumed-Immutable Data (MAID)	<1:11.0.6.10-1.el7_7
H Improper Enforcement of Behavioral Workflow	<1:11.0.6.10-1.el7_7
H Improper Input Validation	<1:11.0.6.10-1.el7_7
H Allocation of Resources Without Limits or Throttling	<1:11.0.6.10-1.el7_7
H Allocation of Resources Without Limits or Throttling	<1:11.0.5.10-0.el7_7
H Cross-site Scripting (XSS)	<1:11.0.5.10-0.el7_7
H Uncaught Exception	<1:11.0.5.10-0.el7_7
H Out-of-bounds Read	<1:11.0.5.10-0.el7_7
H CVE-2019-2945	<1:11.0.5.10-0.el7_7
H Uncaught Exception	<1:11.0.5.10-0.el7_7
H Uncaught Exception	<1:11.0.5.10-0.el7_7
H Integer Overflow or Wraparound	<1:11.0.5.10-0.el7_7
H Uncaught Exception	<1:11.0.5.10-0.el7_7
H Uncaught Exception	<1:11.0.5.10-0.el7_7
H CVE-2019-2978	<1:11.0.5.10-0.el7_7
H Cross-site Scripting (XSS)	<1:11.0.5.10-0.el7_7
H Insufficiently Protected Credentials	<1:11.0.5.10-0.el7_7
H NULL Pointer Dereference	<1:11.0.5.10-0.el7_7
H Improper Input Validation	<1:11.0.5.10-0.el7_7
M Improperly Implemented Security Check for Standard	<1:11.0.4.11-0.el7_6
M Covert Timing Channel	<1:11.0.4.11-0.el7_6
M CVE-2019-2762	<1:11.0.4.11-0.el7_6
M Covert Timing Channel	<1:11.0.4.11-0.el7_6
M Allocation of Resources Without Limits or Throttling	<1:11.0.4.11-0.el7_6
M Improper Input Validation	<1:11.0.4.11-0.el7_6
M CVE-2019-2786	<1:11.0.4.11-0.el7_6
M Information Exposure	<1:11.0.2.7-0.el7_6
M CVE-2019-2684	<1:11.0.3.7-0.el7_6
M Allocation of Resources Without Limits or Throttling	<1:11.0.3.7-0.el7_6