Information on source package icedtea-web

Available versions

ReleaseVersion
buster1.7.2-2
bullseye1.8.4-1
bookworm1.8.8-2
trixie1.8.8-2
sid1.8.8-2

Open issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2019-10185vulnerable (no DSA)fixedfixedfixedfixedIt was found that icedtea-web up to and including 1.7.2 and 1.8.2 was ...
CVE-2019-10182vulnerable (no DSA)fixedfixedfixedfixedIt was found that icedtea-web though 1.7.2 and 1.8.2 did not properly ...
CVE-2019-10181vulnerable (no DSA)fixedfixedfixedfixedIt was found that in icedtea-web up to and including 1.7.2 and 1.8.2 e ...

Open unimportant issues

BugbusterbullseyebookwormtrixiesidDescription
CVE-2015-5236vulnerablevulnerablevulnerablevulnerablevulnerableIt was discovered that the IcedTea-Web used codebase attribute of the ...

Resolved issues

BugDescription
CVE-2015-5235IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ...
CVE-2015-5234IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ...
CVE-2013-6493The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ...
CVE-2013-1927The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remo ...
CVE-2013-1926The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the sa ...
CVE-2012-4540Off-by-one error in the invoke function in IcedTeaScriptablePluginObje ...
CVE-2012-3423The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...
CVE-2012-3422The getFirstInTableInstance function in the IcedTea-Web plugin before ...
CVE-2011-3377The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x be ...
CVE-2011-2514The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...
CVE-2011-2513The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...

Security announcements

DSA / DLADescription
DLA-1914-1icedtea-web - security update
DSA-2768-1icedtea-web - heap-based buffer overflow
Search for package or bug name: Reporting problems