The remote SUSE Linux SLES15 / SLES_SAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:0847-1 advisory.

    - CVE-2024-20952: Fixed RSA padding issue and timing side-channel attack against TLS (8317547)     (bsc#1218911).
    - CVE-2024-20921: Fixed range check loop optimization issue (8314307) (bsc#1218905).
    - CVE-2024-20926: Fixed rbitrary Java code execution in Nashorn (8314284) (bsc#1218906).
    - CVE-2024-20919: Fixed JVM class file verifier flaw allows unverified byte code execution (8314295)     (bsc#1218903).
    - CVE-2024-20918: Fixed array out-of-bounds access due to missing range check in C1 compiler (8314468)     (bsc#1218907).
    - CVE-2024-20945: Fixed logging of digital signature private keys (8316976) (bsc#1218909).

    Update to version jdk8u402 (icedtea-3.30.0).

Tenable has extracted the preceding description block directly from the SUSE security advisory.

Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.

Detections

Analytics

SUSE SLES15: java-1_8_0-openjdk / java-1_8_0-openjdk-accessibility / etc (SUSE-SU-2024:0847-1)

high Nessus Plugin ID 192007

Version 1.4

Version 1.3

Version 1.2

Version 1.1

Version 1.0

Version 1.4 Jun 26, 2026, 4:08 PM CVSS metrics ("CVSSv2 score" set to 10.0) CVSS metrics ("CVSSv2 vector" set to "CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C") Plugin metadata Plugin Feed: 202606261608
Version 1.3 Nov 5, 2025, 10:10 AM CVSS metrics ("CVSSv3 score" set to 7.4) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N") CVSSv3 score source (changed from "CVE-2024-20945" to none) CVSSv3 severity (based on None, severity increased from "Medium" to "High") Plugin Feed: 202511051010
Version 1.2 Nov 4, 2025, 12:12 PM CVSS metrics ("CVSSv3 score" set to 4.7) CVSS metrics ("CVSSv3 vector" set to "CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N") CVSSv3 score source (set to "CVE-2024-20945") CVSSv3 severity (based on CVE-2024-20945, severity decreased from "High" to "Medium") Plugin Feed: 202511041212
Version 1.1 Mar 13, 2024, 4:23 PM Detection (updated detection logic) Plugin metadata Plugin Feed: 202403131623
Version 1.0 Mar 13, 2024, 11:29 AM New Plugin Feed: 202403131129