Packages
Get Gentoo!
gentoo.org sites
gentoo.org
Wiki
Bugs
Forums
Packages
Planet
Archives
Sources
Infra Status
Home
Packages
Maintainers
USE flags
Architectures
About
Gentoo Project
Java
Packages
382
Stabilization
10
Outdated
80
Pull requests
22
Bugs
188
Security
22
Changelog
Security Bug Reports
<dev-java/fop-2.3: XML external entity processing vulnerability
616474 - Assigned to Gentoo Security
<dev-java/bcprov-1.65: Multiple vulnerabilities (CVE-2016-{1000338,1000339,1000340,1000341,1000342,1000343, 1000344,1000352}, CVE-2017-13098, CVE-2018-{1000180,1000613})
717950 - Assigned to Gentoo Security
<dev-java/c3p0-0.9.5.5: Denial of service ("billion laughs") by recursive XML expansion (CVE-2019-5427)
719144 - Assigned to Gentoo Security
<dev-java/dom4j-2.1.3: XML External Entity (XEE) vulnerability in default SAX parser (CVE-2020-10683)
719318 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.0: XXE vulnerability (CVE-2020-13692)
727906 - Assigned to Gentoo Security
<dev-java/junit-4.13.1: TemporaryFolder information disclosure vulnerability (CVE-2020-15250)
748402 - Assigned to Gentoo Security
<dev-java/guava-30.1.1: Multiple vulnerabilities (CVE-2018-10237, CVE-2020-8908)
760111 - Assigned to Gentoo Security
<dev-java/bcprov-1.69: Invalid password comparison logic for bcrypt (CVE-2020-28052)
760729 - Assigned to Gentoo Security
<www-apache/mod_jk-1.2.46 bypass htaccess by adding ';' at the end of an URL (CVE-2018-11759)
780051 - Assigned to Gentoo Security
<dev-java/gradle-bin-7.5: multiple vulnerabilities
782694 - Assigned to Gentoo Security
<dev-java/commons-compress-1.21: multiple vulnerabilities (CVE-2021-{35515,35516,35517,36090})
802078 - Assigned to Gentoo Security
<dev-java/ant{,-core}-1.10.14: multiple vulnerabilities (CVE-2021-{36373,36374})
802165 - Assigned to Gentoo Security
<dev-java/openjfx-11.0.11_p1: OOB read in bundled gstreamer
819633 - Assigned to Gentoo Security
<dev-java/jdbc-postgresql-42.4.1: sql injection via crafted column names
863506 - Assigned to Gentoo Security
<dev-java/snappy-1.1.10.1: multiple vulnerabilities
908557 - Assigned to Gentoo Security
<net-vpn/i2p-2.3.0: Eepsite deanonymization attack
911550 - Assigned to Gentoo Security
<dev-java/bcprov-1.74: LDAP injection vulnerability
912248 - Assigned to Gentoo Security
<dev-java/snappy-1.1.10.5: Denial of Service
916063 - Assigned to Gentoo Security
dev-java/ant-ivy: multiple vulnerabilities
916262 - Assigned to Gentoo Security
<dev-java/gradle-bin-8.4: multiple vulnerabilities
917402 - Assigned to Gentoo Security
<dev-java/json-20231013: unconstrained memory usage DoS
918529 - Assigned to Gentoo Security
<dev-java/commons-compress-1.26.0-r1: multiple vulnerabilities
924996 - Assigned to Gentoo Security
Contact Information
Please file new vulnerability reports on
Gentoo Bugzilla
and assign them to the Gentoo Security product and Vulnerabilities component.