Browse all 5 CVE security advisories affecting IcedTea. AI-powered Chinese analysis, POCs, and references for each vulnerability.
IcedTea serves as an open-source implementation of Java for Linux systems, enabling Java applications to run on platforms without official Oracle support. Historically, it has been vulnerable to remote code execution, cross-site scripting, and privilege escalation flaws due to insecure parsing of untrusted inputs and insufficient sandbox protections. Notable security characteristics include its community-driven development model and regular security audits, though it has faced incidents like CVE-2013-2445, which allowed bypass of security restrictions. Despite these challenges, IcedTea remains a critical component for Java compatibility in open-source environments, with ongoing efforts to address vulnerabilities through timely patches and improved security practices.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2010-2783 | IcedTea6 信息泄露漏洞 — IcedTea6 | 9.1 | - | 2019-10-31 |
| CVE-2010-2548 | IcedTea6 信息泄露漏洞 — IcedTea6 | 9.1 | - | 2019-10-31 |
| CVE-2019-10181 | icedtea-web 数据伪造问题漏洞 — icedtea-webCWE-345 | 8.1 | - | 2019-07-31 |
| CVE-2019-10182 | icedtea-web 代码注入漏洞 — icedtea-webCWE-22 | 6.5 | - | 2019-07-31 |
| CVE-2019-10185 | icedtea-web 路径遍历漏洞 — icedtea-webCWE-22 | 10.0 | - | 2019-07-31 |
This page lists every published CVE security advisory associated with IcedTea. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.