52 matches found
Amazon Linux 2 : java-17-amazon-corretto, --advisory ALAS2-2025-3047 (ALAS-2025-3047)
The version of java-17-amazon-corretto installed on the remote host is prior to 17.0.17+10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-3047 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition produc...
Low: java-11-amazon-corretto
Issue Overview: Vulnerability in the Java SE product of Oracle Java SE component: Hotspot. Supported versions that are affected are Java SE: 11.0.7 and 14.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE...
Amazon Corretto Java 11.x < 11.0.28.6.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.28.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2025-Jul-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Amazon Corretto Java 11.x < 11.0.27.6.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.27.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Amazon Corretto Java 17.x < 17.0.15.6.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is 17 prior to 17.0.15.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2025-Apr-15 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition...
Amazon Corretto Java 11.x < 11.0.26.4.1 Vulnerability
The version of Amazon Corretto installed on the remote host is 11 prior to 11.0.26.4.1. It is, therefore, affected by a vulnerability as referenced in the corretto-11-2025-Jan-21 advisory. - Versions of the package fastecdsa before 2.3.2 are vulnerable to Use of Uninitialized Variable on the stac...
Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2024-014)
The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0432.b06-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2024-014 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...
Important: java-11-amazon-corretto
Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u411, 8u411-perf, 11.0.23, 17.0.11, 21.0.3, 22.0.1; Oracle GraalVM for JDK: 17.0.1...
Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2024-671)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-671 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...
Amazon Corretto Java 8.x < 8.422.05.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 8 8.422.05.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2024-Jul-16 advisory. - hotspot/runtime CVE-2024-21131, CVE-2024-21138 - hotspot/compiler CVE-2024-21140, CVE-2024-21147 -...
Amazon Corretto Java 11.x < 11.0.24.8.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.24.8.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2024-Jul-16 advisory. - hotspot/runtime CVE-2024-21131, CVE-2024-21138 - hotspot/compiler CVE-2024-21140, CVE-2024-21147 ...
Amazon Linux 2 : java-1.8.0-amazon-corretto (ALASCORRETTO8-2024-010)
The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0402.b08-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2024-010 advisory. A vulnerability that allows an attacker to execute arbitrary java code from the javascri...
Low: java-1.8.0-amazon-corretto
Issue Overview: No CVE associated with this advisory Affected Packages: java-1.8.0-amazon-corretto Issue Correction: Run dnf update java-1.8.0-amazon-corretto --releasever 2023.3.20240117 or dnf update --advisory ALAS2023-2024-482 --releasever 2023.3.20240117 to update your system. More informati...
Amazon Corretto Java 17.x < 17.0.10.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.10.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2024-Jan-16 advisory. - hotspot/compiler CVE-2024-20918, CVE-2024-20921 - hotspot/runtime CVE-2024-20919 -...
Low: java-1.8.0-amazon-corretto
Issue Overview: No CVE associated with this advisory Affected Packages: java-1.8.0-amazon-corretto Note: This advisory is applicable to Amazon Linux 2 - Corretto8 Extra. Visit this page to learn more about Amazon Linux 2 AL2 Extras and this FAQ section for the difference between AL2 Core and AL2...
Amazon Corretto Java 11.x < 11.0.22.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.22.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2024-Jan-16 advisory. - hotspot/compiler CVE-2024-20918, CVE-2024-20921 - hotspot/runtime CVE-2024-20919 -...
Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2023-401)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-401 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 20.0.2...
Amazon Corretto Java 11.x < 11.0.21.9.1 Vulnerability
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.21.9.1. It is, therefore, affected by a vulnerability as referenced in the corretto-11-2023-Oct-17 advisory. - security-libs/javax.net.ssl CVE-2023-22081 Note that Nessus has not tested for this issue but has instead...
Amazon Corretto Java 17.x < 17.0.8.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 17 17.0.8.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-17-2023-Jul-18 advisory. - core-libs/java.net CVE-2023-22006 - core-libs/java.util CVE-2023-22036 - hotspot/compiler...
Amazon Corretto Java 11.x < 11.0.19.7.1 Multiple Vulnerabilities
The version of Amazon Corretto installed on the remote host is prior to 11 11.0.19.7.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-11-2023-Apr-18 advisory. - security-libs/javax.net.ssl CVE-2023-21930, CVE-2023-21967 - core-libs/java.net CVE-2023-21937 -...