openSUSE 16 Security Update : java-17-openj9 (openSUSE-SU-2026:20943-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20943-1 advisory. Changes in java-17-openj9: - Make post scripts less noisy bsc1267355 - Use libalternatives instead of update-alternatives for distributions wher...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2026-9682)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-9682 advisory. - Update to 8u492-b09 GA Orabug: 39247147CVE-2026-22007CVE-2026-22013 CVE-2026-22016CVE-2026-22018CVE-2026-22021CVE-2026-23865CVE-2026-34268 - Fixes...

Important: Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk security update

An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.0 Extended Update Support, Red Hat Enterprise Linux 10, and Red Hat Enterprise Linux 10.2 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Importan...

Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenJDK 17 vulnerabilities (USN-8327-1)

The remote Ubuntu 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8327-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 17 did not correctly authenticate...

USN-8328-1 openjdk-21 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 21 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

java-17-openjdk security update

An update is available for java-17-openjdk. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list The java-17-openjdk packages provide the OpenJDK 17 Java Runtime...

CLEANSTART-2026-KV09488 Security fixes for CVE-2026-23865, CVE-2026-23868, CVE-2026-24281, CVE-2026-24308, CVE-2026-34479, CVE-2026-42577, ghsa-355h-qmc2-wpwf, ghsa-3pxv-7cmr-fjr4, ghsa-445c-vh5m-36rj, ghsa-6hg6-v5c8-fphq, ghsa-72hv-8253-57qq, ghsa-h383-gmxw-35v2, ghsa-rwm7-x88c-3g2p, ghsa-w35j-pv5h-q9q9 applied in versions: 9.10.1-r1, 9.10.1-r2

Multiple security vulnerabilities affect the solr package. These issues are resolved in later releases. See references for individual vulnerability details...

SUSE-SU-2026:1955-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues - CVE-2026-22007: APIs in the specified component can lead to an unauthorized read access bsc1262490. - CVE-2026-22013: unauthenticated attacker with network access can access to critical data bsc1262494. - CVE-2026-22016: APIs in the...

Alibaba Cloud Linux 3 : 0110: java-1.8.0-openjdk (ALINUX3-SA-2026:0110)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2026:0110 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2026-22007: No description is availabl...

CLSA-2026-1778488382 java-1.8.0-openjdk: Fix of 8 CVEs

Update to shenandoah-jdk8u492-b09 - Security fixes from OpenJDK 8u492-b09: - CVE-2026-22003: enhance behavior of some intrinsics - CVE-2026-22007: enhance crypto algorithm support - CVE-2026-22013: improve Kerberos credentialing - CVE-2026-22018: enhance Zip file reading - CVE-2026-22021: enhance...

java-25-openj9-25.0.3.0-1.1 on GA media (moderate)

java-25-openj9-25.0.3.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10728-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22013 CVE-2026-22018 CVE-2026-23865 CVE-2026-34282 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE :...

MiracleLinux 9 : java-17-openjdk-17.0.19.0.10-2.el9.ML.1 (AXSA:2026-599:08)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2026-599:08 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2026:1703-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1703-1 advisory. Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon t...

openSUSE 16 Security Update : java-25-openjdk (openSUSE-SU-2026:20672-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20672-1 advisory. Update to upstream tag jdk-25.0.3+9 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to th...

openSUSE 16 Security Update : java-21-openjdk (openSUSE-SU-2026:20681-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20681-1 advisory. Update to upstream tag jdk-21.0.11+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to...

SUSE SLES15 Security Update : java-17-openjdk (SUSE-SU-2026:1732-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1732-1 advisory. Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker...

Security Bulletin: Multiple vulnerabilities affect IBM® Semeru Runtime (CVE-2026-34282, CVE-2026-22016, CVE-2026-23865, CVE-2026-22021, CVE-2026-22013, CVE-2026-20018, CVE-2026-22008, CVE-2026-34268, CVE-2026-22007, CVE-2026-6918)

Summary This bulletin for IBM Semeru Runtime covers all applicable Java SE CVEs published by OpenJDK as part of their April 2026 Vulnerability Advisory, plus CVE-2026-6918. For more information please refer to OpenJDK's April 2026 Vulnerability Advisory and the CVE links below. Vulnerability...

SUSE-SU-2026:1731-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.31+11 April 2026 CPU. Security issues fixed: CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

SUSE-SU-2026:21552-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.19+10 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...