Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Project
Java
Packages
384
Stabilization
10
Outdated
51
Pull requests
17
Bugs
184
Security
19
Changelog
Security Bug Reports
<dev-java/fop-2.3: XML external entity processing vulnerability
616474 - Assigned to Gentoo Security
<dev-java/bcprov-1.65: Multiple vulnerabilities (CVE-2016-{1000338,1000339,1000340,1000341,1000342,1000343, 1000344,1000352}, CVE-2017-13098, CVE-2018-{1000180,1000613})
717950 - Assigned to Gentoo Security
<dev-java/c3p0-0.9.5.5: Denial of service ("billion laughs") by recursive XML expansion (CVE-2019-5427)
719144 - Assigned to Gentoo Security
<dev-java/dom4j-2.1.3: XML External Entity (XEE) vulnerability in default SAX parser (CVE-2020-10683)
719318 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.0: XXE vulnerability (CVE-2020-13692)
727906 - Assigned to Gentoo Security
<dev-java/junit-4.13.1: TemporaryFolder information disclosure vulnerability (CVE-2020-15250)
748402 - Assigned to Gentoo Security
<dev-java/guava-30.1.1: Multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908)
760111 - Assigned to Gentoo Security
<dev-java/bcprov-1.69: Invalid password comparison logic for bcrypt (CVE-2020-28052)
760729 - Assigned to Gentoo Security
<www-apache/mod_jk-1.2.46 bypass htaccess by adding ';' at the end of an URL (CVE-2018-11759)
780051 - Assigned to Gentoo Security
<dev-java/commons-compress-1.21: multiple vulnerabilities (CVE-2021-{35515,35516,35517,36090})
802078 - Assigned to Gentoo Security
<dev-java/openjfx-11.0.11_p1: OOB read in bundled gstreamer
819633 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.1: sql injection via crafted column names
863506 - Assigned to Gentoo Security
<net-vpn/i2p-2.3.0: Eepsite deanonymization attack
911550 - Assigned to Gentoo Security
<dev-java/bcprov-1.74: LDAP injection vulnerability
912248 - Assigned to Gentoo Security
dev-java/ant-ivy: multiple vulnerabilities
916262 - Assigned to Gentoo Security
<dev-java/gradle-bin-8.4: multiple vulnerabilities
917402 - Assigned to Gentoo Security
<dev-java/json-20231013: unconstrained memory usage DoS
918529 - Assigned to Gentoo Security
<dev-java/commons-compress-1.26.0-r1: multiple vulnerabilities
924996 - Assigned to Gentoo Security
<dev-java/fop-2.10: Improper Restriction of XML External Entity Reference
941239 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.