Release | Version |
---|---|
jessie | 1.5.3-1+deb8u1 |
stretch | 1.6.2-3.1+deb9u1 |
buster | 1.7.2-2 |
bullseye | 1.8.4-1 |
bookworm | 1.8.8-2 |
trixie | 1.8.8-3 |
sid | 1.8.8-3 |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2019-10185 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | It was found that icedtea-web up to and including 1.7.2 and 1.8.2 was ... |
CVE-2019-10182 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | It was found that icedtea-web though 1.7.2 and 1.8.2 did not properly ... |
CVE-2019-10181 | fixed | vulnerable (no DSA) | vulnerable (no DSA) | fixed | fixed | fixed | fixed | It was found that in icedtea-web up to and including 1.7.2 and 1.8.2 e ... |
Bug | jessie | stretch | buster | bullseye | bookworm | trixie | sid | Description |
---|---|---|---|---|---|---|---|---|
CVE-2015-5236 | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | vulnerable | It was discovered that the IcedTea-Web used codebase attribute of the ... |
Bug | Description |
---|---|
CVE-2015-5235 | IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ... |
CVE-2015-5234 | IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ... |
CVE-2013-6493 | The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ... |
CVE-2013-1927 | The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remo ... |
CVE-2013-1926 | The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the sa ... |
CVE-2012-4540 | Off-by-one error in the invoke function in IcedTeaScriptablePluginObje ... |
CVE-2012-3423 | The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ... |
CVE-2012-3422 | The getFirstInTableInstance function in the IcedTea-Web plugin before ... |
CVE-2011-3377 | The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x be ... |
CVE-2011-2514 | The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ... |
CVE-2011-2513 | The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ... |
DSA / DLA | Description |
---|---|
DLA-1914-1 | icedtea-web - security update |
DSA-2768-1 | icedtea-web - heap-based buffer overflow |