Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Project
Java
Packages
380
Stabilization
5
Outdated
49
Pull requests
0
Bugs
158
Security
20
Changelog
Security Bug Reports
<dev-java/fop-2.3: XML external entity processing vulnerability
616474 - Assigned to Gentoo Security
<dev-java/bcprov-1.65: Multiple vulnerabilities (CVE-2016-{1000338,1000339,1000340,1000341,1000342,1000343, 1000344,1000352}, CVE-2017-13098, CVE-2018-{1000180,1000613})
717950 - Assigned to Gentoo Security
<dev-java/c3p0-0.9.5.5: Denial of service ("billion laughs") by recursive XML expansion (CVE-2019-5427)
719144 - Assigned to Gentoo Security
<dev-java/dom4j-2.1.3: XML External Entity (XEE) vulnerability in default SAX parser (CVE-2020-10683)
719318 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.0: XXE vulnerability (CVE-2020-13692)
727906 - Assigned to Gentoo Security
<dev-java/junit-4.13.1: TemporaryFolder information disclosure vulnerability (CVE-2020-15250)
748402 - Assigned to Gentoo Security
<dev-java/guava-30.1.1: Multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908)
760111 - Assigned to Gentoo Security
<dev-java/bcprov-1.69: Invalid password comparison logic for bcrypt (CVE-2020-28052)
760729 - Assigned to Gentoo Security
<www-apache/mod_jk-1.2.46 bypass htaccess by adding ';' at the end of an URL (CVE-2018-11759)
780051 - Assigned to Gentoo Security
<dev-java/commons-compress-1.21: multiple vulnerabilities (CVE-2021-{35515,35516,35517,36090})
802078 - Assigned to Gentoo Security
<dev-java/openjfx-11.0.11_p1: OOB read in bundled gstreamer
819633 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.1: sql injection via crafted column names
863506 - Assigned to Gentoo Security
<net-vpn/i2p-2.3.0: Eepsite deanonymization attack
911550 - Assigned to Gentoo Security
<dev-java/bcprov-1.74: LDAP injection vulnerability
912248 - Assigned to Gentoo Security
dev-java/ant-ivy: multiple vulnerabilities
916262 - Assigned to Gentoo Security
<dev-java/gradle-bin-8.4: multiple vulnerabilities
917402 - Assigned to Gentoo Security
<dev-java/json-20231013: unconstrained memory usage DoS
918529 - Assigned to Gentoo Security
<dev-java/commons-compress-1.26.0-r1: multiple vulnerabilities
924996 - Assigned to Gentoo Security
<dev-java/fop-2.10: Improper Restriction of XML External Entity Reference
941239 - Assigned to Gentoo Security
<dev-java/json-smart-2.5.1: possible stack overflow
947204 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.
Packages