19 matches found
USN-8334-1: CRaC JDK 25 vulnerabilities
Thomas Beckers discovered that the JAXP component of CRaC JDK 25 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...
USN-8332-1 openjdk-17-crac vulnerabilities
Thomas Beckers discovered that the JAXP component of CRaC JDK 17 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...
USN-7997-1 openjdk-17-crac vulnerabilities
It was discovered that the RMI component of CRaC JDK 17 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
USN-7996-1 openjdk-25-crac vulnerabilities
It was discovered that the RMI component of CRaC JDK 25 would establish RMI TCP endpoint connections to a remote host without setting an endpoint identification algorithm. An unauthenticated remote attacker could possibly use this issue to steal sensitive information. CVE-2026-21925 Mingijung...
Ubuntu 25.10 : CRaC JDK 25 vulnerabilities (USN-7902-1)
The remote Ubuntu 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7902-1 advisory. Jinfeng Guo discovered that the Security component of CRaC JDK 25 did not correctly handle certain representations of encoded strings. An unauthenticated...
Ubuntu 25.04 / 25.10 : CRaC JDK 17 vulnerabilities (USN-7900-1)
The remote Ubuntu 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7900-1 advisory. Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An...
USN-7902-1 openjdk-25-crac vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 25 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
USN-7901-1 openjdk-21-crac vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 21 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
USN-7900-1 openjdk-17-crac vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
USN-7900-1: CRaC JDK 17 vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
Ubuntu 25.04 : CRaC JDK 17 vulnerabilities (USN-7672-1)
The remote Ubuntu 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7672-1 advisory. It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue ...
USN-7673-1 openjdk-21-crac vulnerabilities
It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
USN-7673-1: CRaC JDK 21 vulnerabilities
It was discovered that the 2D component of CRaC JDK 21 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
USN-7672-1 openjdk-17-crac vulnerabilities
It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
USN-7531-1 openjdk-21-crac vulnerabilities
Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 21 incorrectly handled compiler transformations. An...
Ubuntu 24.10 / 25.04 : CRaC JDK 17 vulnerabilities (USN-7533-1)
The remote Ubuntu 24.10 / 25.04 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7533-1 advisory. Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain...
USN-7339-1: CRaC JDK 21 vulnerabilities
Andy Boothe discovered that the Networking component of CRaC JDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker could possibly use this issue to cause a denial of service. CVE-2024-21208 It was discovered that the Hotspot component of CRaC JDK 21 did no...
Ubuntu 24.10 : CRaC JDK 17 vulnerabilities (USN-7338-1)
The remote Ubuntu 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7338-1 advisory. Andy Boothe discovered that the Networking component of CRaC JDK 17 did not properly handle access under certain circumstances. An unauthenticated attacker...
Ubuntu 24.10 : CRaC JDK 21 vulnerabilities (USN-7339-1)
The remote Ubuntu 24.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7339-1 advisory. Andy Boothe discovered that the Networking component of CRaC JDK 21 did not properly handle access under certain circumstances. An unauthenticated attacker...