Alibaba Cloud Linux 3 : 0119: java-17-openjdk (ALINUX3-SA-2023:0119)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2023:0119 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-22006: Vulnerability in the Oracl...

Alibaba Cloud Linux 3 : 0173: java-17-openjdk (ALINUX3-SA-2022:0173)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALINUX3-SA-2022:0173 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2022-21618: Vulnerability in the Oracl...

java-11-openj9-11.0.27.0-1.1 on GA media (moderate)

java-11-openj9-11.0.27.0-1.1 on GA media Announcement ID: openSUSE-SU-2025:15077-1 Rating: moderate Cross-References: CVE-2025-21587 CVE-2025-30698 CVSS scores: CVE-2025-21587 SUSE : 7.4 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N CVE-2025-21587 SUSE : 9.1...

Oracle Linux 7 : java-1.8.0-openjdk (ELSA-2025-3844)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3844 advisory. 1:1.8.0.442.b06-1.0.3 - Fixed CVE-2025-21587, CVE-2025-30691 and CVE-2025-30698 Orabug: 37840723 Tenable has extracted the preceding description block...

SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openjdk (SUSE-SU-2025:1525-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1525-1 advisory. Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: - CVE-2025-21587: unauthorized creation, deletion or...

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2025:1524-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1524-1 advisory. Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: - CVE-2025-21587: unauthorized creation, deletion or modification of critical...

SUSE SLES15 / openSUSE 15 Security Update : java-11-openjdk (SUSE-SU-2025:1487-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1487-1 advisory. Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion...

RockyLinux 8 : java-1.8.0-openjdk (RLSA-2024:4563)

The remote RockyLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:4563 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK: Excessiv...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : java-21-openjdk (SUSE-SU-2025:1429-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1429-1 advisory. Update to upstream tag jdk-21.0.7+6 April 2025 CPU CVEs fixed: + CVE-2025-21587: Fixed JSSE...

Security Bulletin: Multiple vulnerabilities in Java affect IBM Business Automation Workflow - October 2024 CPU

Summary IBM Business Automation Workflow traditional includes IBM Java 8. Information about security vulnerabilities in these Java runtumes have been published. Vulnerability Details CVEID:CVE-2024-21235 DESCRIPTION: Vulnerability in Java SE component: Hotspot. Difficult to exploit vulnerability...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2839)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.27+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2839 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2 : java-17-amazon-corretto (ALAS-2025-2838)

The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.15+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2838 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2025:1399-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:1399-1 advisory. Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critic...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2025-953)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-953 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2025-954)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-954 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2 : java-11-openjdk (ALASJAVA-OPENJDK11-2025-013)

The version of java-11-openjdk installed on the remote host is prior to 11.0.9.11-0. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2JAVA-OPENJDK11-2025-013 advisory. Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE component: Serialization...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2025-952)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-952 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2025-955)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2025-955 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2025-3845)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-3845 advisory. 1:1.8.0.452.b09-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:1.8.0.452.b09-1 - Update to 8u452-b09 GA - Update release notes for 8u452-b09....

Amazon Corretto Java 17.x < 17.0.15.6.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.15.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...