Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenJDK 8 vulnerabilities (USN-8330-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS / 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8330-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 8 did not correctly...

Ubuntu 25.10 / 26.04 LTS : CRaC JDK 21 vulnerabilities (USN-8333-1)

The remote Ubuntu 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8333-1 advisory. Thomas Beckers discovered that the JAXP component of CRaC JDK 21 did not correctly authenticate certain APIs. A remote unauthenticated attacker...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenJDK 25 vulnerabilities (USN-8339-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8339-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 25 did not correctly authenticate certain APIs. A remote...

USN-8341-1: OpenJDK 26 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 26 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

USN-8328-1: OpenJDK 21 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 21 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

USN-8327-1: OpenJDK 17 vulnerabilities

Thomas Beckers discovered that the JAXP component of OpenJDK 17 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of...

Astra Linux - уязвимость в openjdk-11

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. The supported versions affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. This easily exploitable vulnerability allows an unauthenticated...

BIT-JRE-2021-35550

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Difficult to exploit vulnerability allows unauthenticated...

PT-2026-38740

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 8u301, 11.0.12, 17; Oracle GraalVM Enterprise Edition: 20.3.3 and 21.2.0. Easily exploitable vulnerability allows unauthenticated attacker...

PT-2026-38848

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...

BIT-JAVA-2025-21587

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle...

BIT-JAVA-2023-21930

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u361, 8u361-perf, 11.0.18, 17.0.6, 20; Oracle GraalVM Enterprise Edition: 20.3.9, 21.3.5 and 22.3.1. Difficult to exploit...

PT-2026-37699

Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: JSSE. Supported versions that are affected are Java SE: 7u251, 8u241, 11.0.6 and 14; Java SE Embedded: 8u241. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to...

CVE-2026-22021

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 17.0.18 a...

EUVD-2020-22609

Malware in sbrugna...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15,...

USN-7533-1: CRaC JDK 17 vulnerabilities

Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 17 incorrectly handled compiler transformations. An...

Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 CVE-2025-30691: unauthorized update, insert or dele...

Ubuntu: Security Advisory (USN-7482-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-7482-1: OpenJDK 17 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 17 incorrectly handled compiler transformations. An...