9.0.2

DATE	CVE	VULNERABILITY TITLE	RISK
2019-02-27	CVE-2019-1559	Information Exposure Through Discrepancy vulnerability in multiple products If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. network high complexity openssl canonical debian netapp f5 tenable opensuse fedoraproject mcafee redhat oracle paloaltonetworks nodejs CWE-203	5.9
2018-01-18	CVE-2018-2638	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Deployment). network high complexity oracle redhat netapp	8.3
2018-01-18	CVE-2018-2627	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: Installer). local high complexity oracle redhat netapp	7.5
2018-01-18	CVE-2018-2581	Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). network low complexity oracle redhat netapp	4.7
2016-04-21	CVE-2016-3427	Unspecified vulnerability in Oracle Java SE 6u113, 7u99, and 8u77; Java SE Embedded 8u77; and JRockit R28.3.9 allows remote attackers to affect confidentiality, integrity, and availability via vectors related to JMX. network low complexity oracle canonical debian netapp apache redhat suse opensuse critical	9.8