Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-2602

Published: 23/04/2019 Updated: 06/10/2022
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Jdk

Vulnerability Summary

It exists that the BigDecimal implementation in OpenJDK performed excessive computation when given certain values. An attacker could use this to cause a denial of service (excessive CPU usage). (CVE-2019-2602)

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

oracle jdk 11.0.2

oracle jdk 12

oracle jre 11.0.2

oracle jre 12

oracle jdk 1.8.0

oracle jdk 1.7.0

oracle jre 1.8.0

oracle jre 1.7.0

redhat enterprise linux desktop 7.0

redhat enterprise linux workstation 7.0

redhat enterprise linux server 7.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux workstation 6.0

redhat satellite 5.8

redhat openshift container platform 3.11

redhat enterprise linux 8.0

redhat enterprise linux server tus 8.6

redhat enterprise linux server tus 8.4

redhat enterprise linux server tus 8.2

redhat enterprise linux server aus 8.6

redhat enterprise linux server aus 8.4

redhat enterprise linux server aus 8.2

redhat enterprise linux eus 8.4

redhat enterprise linux eus 8.2

redhat enterprise linux eus 8.1

redhat enterprise linux eus 8.6

opensuse leap 42.3

opensuse leap 15.0

canonical ubuntu linux 18.04

canonical ubuntu linux 18.10

canonical ubuntu linux 19.10

canonical ubuntu linux 16.04

debian debian linux 8.0

debian debian linux 9.0

mcafee epolicy orchestrator 5.9.0

mcafee epolicy orchestrator 5.9.1

mcafee epolicy orchestrator 5.10.0

hp xp7 command view

Vendor Advisories

Ubuntu Security Notice: openjdk-8, openjdk-lts vulnerabilities
Several security issues were fixed in OpenJDK ...
Debian Security Advisories: DSA-4453-1 openjdk-8 -- security update
Several vulnerabilities have been discovered in OpenJDK, an implementation of the Oracle Java platform, resulting in denial of service or sandbox bypass For the stable distribution (stretch), these problems have been fixed in version 8u212-b03-2~deb9u1 We recommend that you upgrade your openjdk-8 packages For the detailed security status of open ...
Amazon Linux AMI: ALAS-2019-1266
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI) Supported versions that are affected are Java SE: 7u211, 8u202, 1102 and 12; Java SE Embedded: 8u201 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded ...
Red Hat: Critical: java-1.8.0-ibm security update
Synopsis Critical: java-180-ibm security update Type/Severity Security Advisory: Critical Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Critical A Common Vulnerability Scoring System (CVSS) ...
Red Hat: Moderate: java-11-openjdk security update
Synopsis Moderate: java-11-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Red Hat: Important: java-1.7.0-openjdk security update
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Red Hat: Important: java-1.8.0-openjdk security update
Synopsis Important: java-180-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Red Hat: Important: java-1.7.1-ibm security update
Synopsis Important: java-171-ibm security update Type/Severity Security Advisory: Important Topic An update for java-171-ibm is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Red Hat: Important: java-1.7.1-ibm security update
Synopsis Important: java-171-ibm security update Type/Severity Security Advisory: Important Topic An update for java-171-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Red Hat: Important: java-1.7.0-openjdk security update
Synopsis Important: java-170-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-170-openjdk is now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Red Hat: Important: java-1.8.0-openjdk security update
Synopsis Important: java-180-openjdk security update Type/Severity Security Advisory: Important Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring Sys ...
Red Hat: Moderate: java-11-openjdk security update
Synopsis Moderate: java-11-openjdk security update Type/Severity Security Advisory: Moderate Topic An update for java-11-openjdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CVSS ...
Red Hat: Important: java-1.8.0-ibm security update
Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 6 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Red Hat: Important: java-1.8.0-ibm security update
Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Topic An update for java-180-ibm is now available for Red Hat Satellite 58Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scoring System (CVSS) ba ...
Red Hat: Important: java-1.8.0-openjdk security and bug fix update
Synopsis Important: java-180-openjdk security and bug fix update Type/Severity Security Advisory: Important Topic An update for java-180-openjdk is now available for Red Hat Enterprise Linux 6Red Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability ...
Red Hat: Important: java-1.8.0-ibm security update
Synopsis Important: java-180-ibm security update Type/Severity Security Advisory: Important Topic An update for java-180-ibm is now available for Red Hat Enterprise Linux 7 SupplementaryRed Hat Product Security has rated this update as having a security impact of Important A Common Vulnerability Scori ...
Amazon Linux 2: ALAS2-2019-1209
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries) Supported versions that are affected are Java SE: 7u211, 8u202, 1102 and 12; Java SE Embedded: 8u201 Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embed ...
Amazon Linux 2: ALAS2-2019-1228
Vulnerability in the Java SE component of Oracle Java SE (subcomponent: 2D) Supported versions that are affected are Java SE: 7u211 and 8u202 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE Successful attacks of this vulnerability can result in takeover of Java S ...
Amazon Linux 2: ALAS2-2019-1269
Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: RMI) Supported versions that are affected are Java SE: 7u211, 8u202, 1102 and 12; Java SE Embedded: 8u201 Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Java SE Embedded ...
Hitachi Security Advisories: Multiple Vulnerabilities in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor
Multiple vulnerabilities have been found in Hitachi Command Suite and Hitachi Infrastructure Analytics Advisor CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698 Affected products and versions are listed below Please upgrade your version to the appropriate version, or apply the Workarounds ...
Hitachi Security Advisories: Multiple Vulnerabilities in Cosminexus
Cosminexus Developer's Kit for Java(TM) and Hitachi Developer's Kit for Java contain the following vulnerabilities: CVE-2019-2602, CVE-2019-2684, CVE-2019-2697, CVE-2019-2698 Affected products and versions are listed below Please upgrade your version to the appropriate version These vulnerabilities exist in Cosminexus Developer's Kit for Jav ...

References

CWE-400http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00007.htmlhttps://access.redhat.com/errata/RHBA-2019:0959https://lists.debian.org/debian-lts-announce/2019/05/msg00011.htmlhttps://access.redhat.com/errata/RHSA-2019:1146https://usn.ubuntu.com/3975-1/https://access.redhat.com/errata/RHSA-2019:1166https://access.redhat.com/errata/RHSA-2019:1165https://access.redhat.com/errata/RHSA-2019:1164https://access.redhat.com/errata/RHSA-2019:1163https://access.redhat.com/errata/RHSA-2019:1238http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00059.htmlhttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00058.htmlhttps://www.debian.org/security/2019/dsa-4453https://seclists.org/bugtraq/2019/May/75http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00013.htmlhttps://access.redhat.com/errata/RHSA-2019:1325https://access.redhat.com/errata/RHSA-2019:1518https://kc.mcafee.com/corporate/index?page=content&id=SB10285https://security.gentoo.org/glsa/201908-10https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbst03959en_ushttps://nvd.nist.govhttps://usn.ubuntu.com/3975-1/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27977IMAPlocal usersCVE-2024-32038CVE-2023-49963CVE-2023-22869CVE-2024-31497localCVE-2024-2961
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook