Information on source package icedtea-web

Available versions

ReleaseVersion
jessie1.5.3-1
stretch1.6.2-3.1+deb9u1
buster1.7.2-2
bullseye1.8.3-1
sid1.8.3-1

Open issues

BugjessiestretchbusterbullseyesidDescription
CVE-2019-10185vulnerablevulnerablevulnerablefixedfixedIt was found that icedtea-web up to and including 1.7.2 and 1.8.2 was ...
CVE-2019-10182vulnerablevulnerablevulnerablefixedfixedIt was found that icedtea-web though 1.7.2 and 1.8.2 did not properly ...
CVE-2019-10181vulnerablevulnerablevulnerablefixedfixedIt was found that in icedtea-web up to and including 1.7.2 and 1.8.2 e ...

Resolved issues

BugDescription
CVE-2015-5235IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly dete ...
CVE-2015-5234IcedTea-Web before 1.5.3 and 1.6.x before 1.6.1 does not properly sani ...
CVE-2013-6493The LiveConnect implementation in plugin/icedteanp/IcedTeaNPPlugin.cc ...
CVE-2013-1927The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 allows remo ...
CVE-2013-1926The IcedTea-Web plugin before 1.2.3 and 1.3.x before 1.3.2 uses the sa ...
CVE-2012-4540Off-by-one error in the invoke function in IcedTeaScriptablePluginObje ...
CVE-2012-3423The IcedTea-Web plugin before 1.2.1 does not properly handle NPVariant ...
CVE-2012-3422The getFirstInTableInstance function in the IcedTea-Web plugin before ...
CVE-2011-3377The web browser plug-in in IcedTea-Web 1.0.x before 1.0.6 and 1.1.x be ...
CVE-2011-2514The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...
CVE-2011-2513The Java Network Launching Protocol (JNLP) implementation in IcedTea6 ...

Security announcements

DSA / DLADescription
DSA-2768-1icedtea-web - heap-based buffer overflow

Search for package or bug name: Reporting problems