VDB
RHSA-2018%3A1647
RHSA-2018%3A1647
PUBLISHED
CVSS 5.599999904632568 MEDIUM
Red Hat Security Advisory: java-1.7.0-openjdk security update
Risk Scores
CVSS 3.0
5.599999904632568
CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk-javadoc | 0, 0 |
| Red Hat:enterprise_linux:6::workstation | java-1.7.0-openjdk | 0, 0 |
| Red Hat:enterprise_linux:6::client | java-1.7.0-openjdk-devel | 0, 0 |
| Red Hat:enterprise_linux:6::workstation | java-1.7.0-openjdk-demo | 0, 0 |
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk | 0, 0 |
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk-devel | 0, 0 |
| Red Hat:enterprise_linux:6::client | java-1.7.0-openjdk-javadoc | 0, 0 |
| Red Hat:enterprise_linux:6::workstation | java-1.7.0-openjdk-javadoc | 0, 0 |
| Red Hat:enterprise_linux:6::client | java-1.7.0-openjdk | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk-devel | 0, 0 |
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk-src | 0, 0 |
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk-src | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk-javadoc | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk-debuginfo | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk-demo | 0, 0 |
| Red Hat:enterprise_linux:6::computenode | java-1.7.0-openjdk | 0, 0 |
| Red Hat:enterprise_linux:6::server | java-1.7.0-openjdk-demo | 0, 0 |
| Red Hat:enterprise_linux:6::workstation | java-1.7.0-openjdk-src | 0, 0 |
| Red Hat:enterprise_linux:6::workstation | java-1.7.0-openjdk-devel | 0, 0 |
…and 4 more
Exploit Intelligence
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4) (github-poc-repo)
- SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4) (github-poc-repo)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc-repo)
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
- spectre v4 : Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
- Speculative Store Bypass (CVE-2018-3639) proof of concept for Linux (github-poc)
…and 4 more exploits
Timeline
- May 21, 2018 CVE Published
- Nov 21, 2025 CVE Updated
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Distribution Patch
- Apr 30, 2026 Security Advisory
- Apr 30, 2026 Security Advisory
References
- https://access.redhat.com/errata/RHSA-2018:1647 advisory
- https://access.redhat.com/security/updates/classification/#important article
- https://access.redhat.com/security/vulnerabilities/ssbd article
- https://bugzilla.redhat.com/show_bug.cgi?id=1566890 report
- https://security.access.redhat.com/data/csaf/v2/advisories/2018/rhsa-2018_1647.json advisory
- https://access.redhat.com/security/cve/CVE-2018-3639 report
- https://www.cve.org/CVERecord?id=CVE-2018-3639 advisory
- https://nvd.nist.gov/vuln/detail/CVE-2018-3639 advisory
- https://bugs.chromium.org/p/project-zero/issues/detail?id=1528 article
- https://software.intel.com/sites/default/files/managed/b9/f9/336983-Intel-Analysis-of-Speculative-Execution-Side-Channels-White-Paper.pdf article
- https://software.intel.com/sites/default/files/managed/c5/63/336996-Speculative-Execution-Side-Channel-Mitigations.pdf article
- https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00115.html article