Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2940)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.28+6-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2025-2940 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2025-2741)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.26+4-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2025-2741 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracl...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2599)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.24+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2599 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2527)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.23+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2527 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product...

Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2024-600)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-600 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2024-2414)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.22+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2414 advisory. A vulnerability that allows an attacker to execute arbitrary java code from the javascript engine even...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2023-2315)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.21+9-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2-2023-2315 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of Oracle Java SE component: JSSE. Supporte...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2023-2026)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.19+7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2023-2026 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2022-1867)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.17+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1867 advisory. Title: Wider MultiByte conversionsBuffer overflow is possible due to incorrect byte count should be...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2022-1822)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.16+8-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1822 advisory. Generated code produced by C1 may leak a package-private class to a class from a different package...

Important: java-11-amazon-corretto

Issue Overview: Generated code produced by C1 may leak a package-private class to a class from a different package. CVE-2022-21540 MethodHandle.invokeBasic method can be accessed on byte code level from an arbitrary class. CVE-2022-21541 The Xalan Java XSLT library has an integer truncation issue...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2022-1778)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.15+9-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2022-1778 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE...

Amazon Linux 2 : java-17-amazon-corretto, java-11-amazon-corretto, java-1.8.0-openjdk, java-1.7.0-openjdk (ALAS-2021-1731)

The version of java-1.7.0-openjdk installed on the remote host is prior to 1.7.0.261-2.6.22.2. The version of java-1.8.0-openjdk installed on the remote host is prior to 1.8.0.312.b07-1. The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.13+8-2. The version of...

Amazon Linux 2 : java-11-amazon-corretto (ALAS-2020-1410)

The version of java-11-amazon-corretto installed on the remote host is prior to 11.0.7+10-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1410 advisory. Further information about this update can be found in the Corretto 11 change log...

Important: java-11-amazon-corretto

Issue Overview: Further information about this update can be found in the Corretto 11 change log https://github.com/corretto/corretto-11/blob/develop/CHANGELOG.md Affected Packages: java-11-amazon-corretto Note: This advisory is applicable to Amazon Linux 2 AL2 Core repository. Visit this FAQ...