Important: Red Hat Security Advisory: java-1.8.0-ibm security update

An update for java-1.8.0-ibm is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 8 : java-1.8.0-ibm (RHSA-2026:22139)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22139 advisory. IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. Security Fixes: openjdk: OpenJDK...

USN-8332-1 openjdk-17-crac vulnerabilities

Thomas Beckers discovered that the JAXP component of CRaC JDK 17 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...

SUSE-SU-2026:21543-1 Security update for java-25-openjdk

This update for java-25-openjdk fixes the following issues: Update to upstream tag jdk-25.0.3+9 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security: unauthenticated attacker with logon to the infrastructure where java executes can gain unauthorized read access to a subset of...

AlmaLinux 9 : java-1.8.0-openjdk (ALSA-2026:9683)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:9683 advisory. JDK: Enhance crypto algorithm support CVE-2026-22007 JDK: Improve Kerberos credentialing CVE-2026-22013 JDK: Enhance Path Factories Redux CVE-2026-22016...

AlmaLinux 10 : java-25-openjdk (ALSA-2026:0933)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:0933 advisory. JDK: Improve JMX connections CVE-2026-21925 JDK: Improve HttpServer Request handling CVE-2026-21933 JDK: Enhance Certificate Checking CVE-2026-21945...

GHSA-QC7Q-3C5C-F8MV vulnerabilities

Vulnerabilities for packages: openjdk...

GHSA-QC7Q-3C5C-F8MV vulnerabilities

Vulnerabilities for packages: cof-corretto, openjdk-26-openj9, openjdk-8-openj9, openjdk-11-openj9, corretto, openjdk, adoptium-openjdk, openjdk-25-openj9, liberica, zulu-psu, zulu-cpu, openjdk-17-openj9, openjdk-21-openj9, openjdk-crac...

GHSA-5RM3-299F-6M9V vulnerabilities

Vulnerabilities for packages: cof-corretto, openjdk-26-openj9, openjdk-8-openj9, openjdk-11-openj9, corretto, openjdk, adoptium-openjdk, openjdk-25-openj9, liberica, zulu-psu, zulu-cpu, openjdk-17-openj9, openjdk-21-openj9, openjdk-crac...

MiracleLinux 8 : java-1.8.0-openjdk-1.8.0.352.b08-2.el8 (AXSA:2022-3901:10)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3901:10 advisory. OpenJDK: excessive memory allocation in X.509 certificate parsing Security, 8286533 CVE-2022-21626 OpenJDK: HttpServer no connection count limit...

MiracleLinux 8 : java-21-openjdk-21.0.2.0.13-1.el8.ML.1 (AXSA:2024-7439:03)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7439:03 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 7 : java-11-openjdk-11.0.13.0.8-1.el7 (AXSA:2021-2490:12)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2490:12 advisory. OpenJDK: Loop in HttpsServer triggered during TLS session close JSSE, 8254967 CVE-2021-35565 OpenJDK: Incorrect principal selection when using...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.422.b05-1.0.1.el7.AXS7 (AXSA:2024-8735:15)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-8735:15 advisory. OpenJDK: RangeCheckElimination array index overflow 8323231 CVE-2024-21147 OpenJDK: potential UTF8 size overflow 8314794 CVE-2024-21131 OpenJDK:...

MiracleLinux 8 : java-11-openjdk-11.0.15.0.9-2.el8 (AXSA:2022-3152:07)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3152:07 advisory. OpenJDK: Defective secure validation in Apache Santuario Libraries, 8278008 CVE-2022-21476 OpenJDK: Unbounded memory allocation when compiling craft...

MiracleLinux 7 : java-1.8.0-openjdk-1.8.0.302.b08-0.el7 (AXSA:2021-2241:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2241:09 advisory. OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient t...

MiracleLinux 7 : java-11-openjdk-11.0.16.0.8-1.el7 (AXSA:2022-3588:09)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2022-3588:09 advisory. OpenJDK: integer truncation issue in Xalan-J JAXP, 8285407 CVE-2022-34169 OpenJDK: class compilation issue Hotspot, 8281859 CVE-2022-21540 OpenJDK:...

MiracleLinux 9 : java-11-openjdk-11.0.20.0.8-2.el9.ML.1 (AXSA:2023-6266:17)

The remote MiracleLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-6266:17 advisory. OpenJDK: ZIP file parsing infinite loop 8302483 CVE-2023-22036 OpenJDK: weakness in AES implementation 8308682 CVE-2023-22041 OpenJDK: improper...

MiracleLinux 7 : java-11-openjdk-11.0.12.0.7-0.el7 (AXSA:2021-2242:10)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2242:10 advisory. OpenJDK: Incorrect comparison during range check elimination Hotspot, 8264066 CVE-2021-2388 OpenJDK: FTP PASV command response can cause FtpClient t...

MiracleLinux 8 : java-11-openjdk-11.0.22.0.7-2.el8 (AXSA:2024-7445:04)

The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2024-7445:04 advisory. OpenJDK: array out-of-bounds access due to missing range check in C1 compiler 8314468 CVE-2024-20918 OpenJDK: RSA padding issue and timing...

MiracleLinux 7 : java-11-openjdk-11.0.18.0.10-1.el7 (AXSA:2023-4847:03)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2023-4847:03 advisory. OpenJDK: handshake DoS attack against DTLS connections JSSE, 8287411 CVE-2023-21835 OpenJDK: soundbank URL remote loading Sound, 8293742...