ALSA-2026:0927 Important: java-17-openjdk security update

The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit. Security Fixes: JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945 libpn...

Amazon Corretto Java 17.x < 17.0.18.8.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.18.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2026-Jan-20 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...

MiracleLinux 8 : java-17-openjdk-17.0.12.0.7-2.el8 (AXSA:2024-8579:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8579:12 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 8 : java-17-openjdk-17.0.5.0.8-2.el8 (AXSA:2022-3905:06)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3905:06 advisory. OpenJDK: improper MultiByte conversion can lead to buffer overflow JGSS, 8286077 CVE-2022-21618 OpenJDK: excessive memory allocation in X.509...

MiracleLinux 8 : java-17-openjdk-17.0.8.0.7-2.el8 (AXSA:2023-6263:12)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6263:12 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

MiracleLinux 9 : java-17-openjdk-17.0.16.0.8-2.el9.ML.1 (AXSA:2025-10678:13)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-10678:13 advisory. JDK: Better Glyph drawing CVE-2025-30749 JDK: Enhance TLS protocol support CVE-2025-30754 JDK: Improve HTTP client header handling CVE-2025-50059...

MiracleLinux 8 : java-17-openjdk-17.0.15.0.6-2.el8 (AXSA:2025-9892:08)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2025-9892:08 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling...

Security Bulletin: IBM Sterling Connect:Direct FTP+ is vulnerable to various attacks due to IBM Runtime Environment Java Technology Edition Version 17

Summary IBM Java 17 is used by IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms in product configuration and data transmission. IBM Sterling Connect:Direct FTP+ on AIX, Linux, and Windows platforms is impacted by vulnerabilities in IBM Java 17. IBM Sterling Connect:Direct FTP...

Security Bulletin: IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410

Summary IBM Maximo Application Suite uses java 17.0.13,github.com/go-viper/mapstructure/v2 v2.2.1 and github.com/docker/docker v27.3.1 which is vulnerable to GHSA-2464-8j7c-4cjm,CVE-2025-21502 and CVE-2025-54410. This bulletin contains information regarding the vulnerability and its fixture...

SUSE: Security Advisory (SUSE-SU-2025:21164-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE 16 Security Update : java-17-openjdk (openSUSE-SU-2025-20125-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20125-1 advisory. Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53066: Fixed enhance path factories bsc1252417. - CVE-2025-53057: Fixed...

Security update for java-17-openjdk (important)

openSUSE security update: security update for java-17-openjdk ------------------------------------------------------------- Announcement ID: openSUSE-SU-2025-20125-1 Rating: important References: bsc1246806 bsc1252414 bsc1252417 Cross-References: CVE-2025-53057 CVE-2025-53066 CVSS scores:...

OPENSUSE-SU-2025:20125-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53066: Fixed enhance path factories bsc1252417. - CVE-2025-53057: Fixed enhance certificate handling bsc1252414. Other bug fixes: - Do not embed rebuild counter bsc12468...

Security Bulletin: IBM Maximo Application Suite - Manage Component uses openjdk 17.0.14 and Python 3.11.11 which is vulnerable to CVEs listed in Summary.

Summary IBM Maximo Application Suite - Manage Component uses openjdk 17.0.14 which is vulnerable to CVE-2025-21587 ,CVE-2025-30698 , CVE-2025-2900 and Python 3.11.11 which is vulnerable to CVE-2025-4435,CVE- 2024-12718,CVE-2025-4330, CVE-2025-45. This bulletin contains information regarding the...

Security Bulletin: IBM Sterling Transformation Extender is affected by multiple IBM Semeru Java 17 vulnerabilities

Summary IBM Sterling Transformation Extender uses IBM Semeru Runtime Certified Edition, Version 17 and is affected by multiple vulnerabilities CVE-2025-53057, CVE-2025-53066, CVE-2025-50059, CVE-2025-50106, CVE-2025-30749, CVE-2025-30761 and CVE-2025-30754. Vulnerability Details...

SUSE: Security Advisory (SUSE-SU-2025:3997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2025:3997-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. CVE-2025-53066: Fixed unauthenticated...

SUSE-SU-2025:3997-1 Security update for java-17-openjdk

This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. - CVE-2025-53066: Fixed...

java-17-openj9-17.0.17.0-1.1 on GA media (moderate)

java-17-openj9-17.0.17.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15691-1 Rating: moderate Cross-References: CVE-2025-53057 CVSS scores: CVE-2025-53057 SUSE : 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2025-53057 SUSE : 8.2...