GHSA-3XJG-P34V-7JGF vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-21-openj9, openjdk-25-openj9, openjdk-8-openj9, openjdk-11-openj9, openjdk-26-openj9...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.28+6 July 2025 CPU: Security fixes: CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598...

SUSE-SU-2025:02666-1 Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.28+6 July 2025 CPU: Security fixes: - CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 - CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598 -...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.28+6 July 2025 CPU: Security fixes: CVE-2025-30749: several scenarios can lead to heap corruption bsc1246595 CVE-2025-30754: incomplete handshake may lead to weakening TLS protections bsc1246598...

OPENSUSE-SU-2025:15390-1 java-11-openj9-11.0.28.0-1.1 on GA media

These are all security issues fixed in the java-11-openj9-11.0.28.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2025:15356-1 java-11-openjdk-11.0.28.0-1.1 on GA media

These are all security issues fixed in the java-11-openjdk-11.0.28.0-1.1 package on the GA media of openSUSE Tumbleweed...

openSUSE Security Advisory (SUSE-SU-2025:01487-2)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

CLSA-2025-1748629211 java-11-openjdk: Fix of 3 CVEs

Upgrade to openjdk-11.0.27+6 GA. The following CVEs were fixed: - CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data - CVE-2025-30698: fix buffered image handling to avoid unauthorized access to accessible data - CVE-2025-30691: improve compiler...

Fedora: Security Advisory (FEDORA-2025-e6f20785e3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2025:15077-1 java-11-openj9-11.0.27.0-1.1 on GA media

These are all security issues fixed in the java-11-openj9-11.0.27.0-1.1 package on the GA media of openSUSE Tumbleweed...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.27+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...

Fedora: Security Advisory (FEDORA-2025-603b975ee6)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GHSA-RGFX-7P65-3FF4 Apache Cassandra: unrestricted deserialization of JMX authentication credentials

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...

Man-in-the-Middle (MitM)

Overview org.apache.cassandra:cassandra-all is a maven plugin for the Apache Cassandra Project. Which, develops a highly scalable second-generation distributed database, bringing together Dynamo's fully distributed design and Bigtable's ColumnFamily-based data model. Affected versions of this...

AZL-56446 CVE-2024-27137 affecting package cassandra 4.0.10-1

In Apache Cassandra it is possible for a local attacker without access to the Apache Cassandra process or configuration files to manipulate the RMI registry to perform a man-in-the-middle attack and capture user names and passwords used to access the JMX interface. The attacker can then use these...

SUSE: Security Advisory (SUSE-SU-2025:0338-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Medium: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u431-perf, 11.0.25, 17.0.13, 21.0.5, 23.0.1; Oracle GraalVM for JDK: 17.0.13,...

Security update for java-11-openjdk

This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 January 2025 CPU Security fixes: CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: JDK-8224624: Inefficiencies in CodeStrings::addcomment cause - timeouts JDK-8225045:...