My Oracle Support Banner

Do Common Vulnerabilities and Exposures (CVEs) Affect Only the Versions of Java Listed in the Critical Patch Update (CPU) Advisory? (Doc ID 2101185.1)

Last updated on JUNE 03, 2017

Applies to:

Java SE JDK and JRE - Version 8 and later
Information in this document applies to any platform.

Goal

For CVE-2016-0483, are the versions listed in the Oracle Critical Patch Update Advisory page the only versions that are affected?  As an example, see http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html under the Oracle Java SE Risk Matrix.  For this CVE, under the column labelled "Supported Versions Affected", it lists Java SE: 6u105, 7u91 and 8u66; Java SE Embedded: 8u65; and JRockit: R28.3.8.

Are only these specific versions affected?

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.