Test ID:	1.3.6.1.4.1.25623.1.0.856839
Category:	openSUSE Local Security Checks
Title:	openSUSE Security Advisory (SUSE-SU-2024:4306-1)
Summary:	The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory.
Description:	Summary: The remote host is missing an update for the 'java-1_8_0-ibm' package(s) announced via the SUSE-SU-2024:4306-1 advisory. Vulnerability Insight: This update for java-1_8_0-ibm fixes the following issues: Updated to Java 8.0 Service Refresh 8 Fix Pack 35 with Oracle October 15 2024 CPU (bsc#1232064): - CVE-2024-21208: Fixed partial DoS in component Networking (bsc#1231702,JDK-8328286) - CVE-2024-21210: Fixed unauthorized update, insert or delete access to some of Oracle Java SE accessible data in component Hotspot (bsc#1231711,JDK-8328544) - CVE-2024-21217: Fixed partial DoS in component Serialization (bsc#1231716,JDK-8331446) - CVE-2024-21235: Fixed unauthorized read/write access to data in component Hotspot (bsc#1231719,JDK-8332644) Other issues fixed in past releases: - CVE-2024-3933: Fixed evaluate constant byteLenNode of arrayCopyChild (bsc#1225470) Affected Software/OS: 'java-1_8_0-ibm' package(s) on openSUSE Leap 15.5, openSUSE Leap 15.6. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:L/AC:L/Au:S/C:C/I:C/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2024-21208 Common Vulnerability Exposure (CVE) ID: CVE-2024-21210 Common Vulnerability Exposure (CVE) ID: CVE-2024-21217 Common Vulnerability Exposure (CVE) ID: CVE-2024-21235 Common Vulnerability Exposure (CVE) ID: CVE-2024-3933 https://github.com/eclipse/omr/pull/7275 https://gitlab.eclipse.org/security/cve-assignement/-/issues/21
Copyright	Copyright (C) 2024 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.