Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenJDK 25 vulnerabilities (USN-8339-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8339-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 25 did not correctly authenticate certain APIs. A remote...

ROS-20250822-19

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

USN-7690-1: OpenJDK 17 vulnerabilities

It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

USN-7672-1 openjdk-17-crac vulnerabilities

It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

SUSE CVE-2010-3562

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October...

SUSE CVE-2010-3566

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

UBUNTU-CVE-2022-21349

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated...

UBUNTU-CVE-2019-2987

Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Unspecified Vulnerability in Oracle Java SE (CNVD-2019-37417)

Java SE is the Java Platform Standard Edition, for the development and deployment of desktop, server and embedded devices and real-time environment of Java applications. A security vulnerability exists in the 2D component of Oracle Java SE 11.0.4, 13. An attacker could exploit this vulnerability ...

Vulnerability of the 2D component of the Java SE software platform, allowing attackers to gain full control over Java SE

The vulnerability of the 2D software platform of Java SE is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full control over Java SE...

JDK: Unspecified vulnerability fixed in 7u221 and 8u211 (2D)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data by using the 2D component...

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data by using the 2D component...

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data.

The vulnerability of the Java Platform software platform allows a malicious actor to compromise the confidentiality, integrity, and accessibility of data by using the 2D component...

Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity

Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data by using the 2D component...

Vulnerability of the Java Runtime Environment software platform, which allows a malicious attacker to compromise data confidentiality and integrity

Vulnerability of the Java Runtime Environment, related to program components. Exploiting this vulnerability allows a malicious attacker to compromise the confidentiality, integrity, and accessibility of data by using the 2D component...