SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2025:1524-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1524-1 advisory. Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: - CVE-2025-21587: unauthorized creation, deletion or modification of critical...

SUSE SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2025:1487-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1487-1 advisory. Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion...

RockyLinux 8 : java-1.8.0-openjdk (RLSA-2024:4563)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4563 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessiv...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-21-openjdk (SUSE-SU-2025:1429-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1429-1 advisory. Update to upstream tag jdk-21.0.7+6 April 2025 CPU CVEs fixed: + CVE-2025-21587: Fixed JSSE...

Security Bulletin: Multiple vulnerabilities in Java affect IBM Business Automation Workflow - October 2024 CPU

Summary IBM Business Automation Workflow traditional includes IBM Java 8. Information about security vulnerabilities in these Java runtumes have been published. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability...

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2025-2838)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.15+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2838 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2839)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.27+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2839 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2025:1399-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1399-1 advisory. Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critic...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2025-955)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-955 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2025-953)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-953 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-952)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-952 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2025-013)

The version of java-11-openjdk installed on the remote host is prior to 11.0.9.11-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2025-013 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2025-954)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-954 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-3845)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3845 advisory. 1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09....

Azul Zulu Java Multiple Vulnerabilities (2025-04-15)

The version of Azul Zulu installed on the remote host is 6 prior to 6.71.0.16 / 7 prior to 7.77.0.14 / 8 prior to 8.85.0.22 / 11 prior to 11.79.20 / 11 prior to 11.79.18 / 17 prior to 17.57.20 / 17 prior to 17.57.18 / 21 prior to 21.41.18 / 24 prior to 24.30.13 / 24 prior to 24.30.12. It is,...

Amazon Corretto Java 11.x < 11.0.27.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.27.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

Amazon Corretto Java 17.x < 17.0.15.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.15.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

KLA82698 Multiple vulnerabilities in Oracle Java

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. Information disclosure vulnerability in JSSE can be exploited to...

Advisory ROSA-SA-2025-2789

Software: java-11-openjdk 11.0.25.0.9 OS: rosa-server79 packageevrstring: java-11-openjdk-11.0.25.0.9-1.0.1.res7 CVE-ID: CVE-2024-21208 BDU-ID: 2024-11501 CVE-Crit: LOW CVE-DESC.: A vulnerability in the Diagnostics components of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM f...

Security Bulletin: Multiple Java Vulnerabilities in IBM Event Streams

Summary Multiple Java SE vulnerabilities were addressed in IBM Event Streams version 11.5.1. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple...