SUSE SLES15 / openSUSE 15 Security Update : java-1_8_0-openjdk (SUSE-SU-2024:1451-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1451-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Ja...

SUSE SLES12 Security Update : java-1_8_0-openjdk (SUSE-SU-2024:1450-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:1450-1 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE componen...

Amazon Linux 2023 : java-22-amazon-corretto, java-22-amazon-corretto-devel, java-22-amazon-corretto-headless (ALAS2023-2024-601)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-601 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-17-amazon-corretto, java-17-amazon-corretto-devel, java-17-amazon-corretto-headless (ALAS2023-2024-599)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-599 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2024-602)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-602 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalV...

K000139423: OpenJDK vulnerabilities CVE-2024-21002, CVE-2024-21003, and CVE-2024-21004

Security Advisory Description CVE-2024-21002 Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalVM Enterprise Edition: 20.3.13 and 21.3.9. Difficult to...

Security Bulletin: IBM MQ is affected by a vulnerability in the IBM Semeru Runtime (CVE-2024-20952)

Summary An issue was identified with IBM Semeru Runtime, Version 17, which is used in IBM MQ Explorer. Vulnerability Details CVEID:CVE-2024-20952 DESCRIPTION: An unspecified vulnerability in Java SE related to the Security component could allow a remote attacker to cause high confidentiality impa...

CentOS 7 : java-11-openjdk (RHSA-2024:1821)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1821 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

Azul Zulu Java Multiple Vulnerabilities (2024-01-16)

The version of Azul Zulu installed on the remote host is prior to 6 6.61.0.16 / 7 7.67.0.16 / 8 8.75.0.16 / 11 11.69.14 / 17 17.47.16 / 21 21.31.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-01-16 advisory. - Vulnerability in the Oracle Java SE, Oracle Graal...

Oracle Linux 8 / 9 : java-1.8.0-openjdk (ELSA-2024-1818)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1818 advisory. 1:1.8.0.412.b08-2.0.1 - Add Oracle vendor bug URL Orabug: 34340155 Tenable has extracted the preceding description block directly from the Oracle...

Azul Zulu Java Multiple Vulnerabilities (2024-04-16)

The version of Azul Zulu installed on the remote host is prior to 6 6.63.0.14 / 7 7.69.0.14 / 8 8.77.0.14 / 11 11.71.14 / 17 17.49.16 / 21 21.33.14 / 22 22.30.14. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-04-16 advisory. - The issue was addressed with improv...

Oracle Linux 8 / 9 : java-11-openjdk (ELSA-2024-1822)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1822 advisory. 1:11.0.23.0.9-3.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS 1:11.0.23.0.9-1 - Update to...

Oracle Linux 8 / 9 : java-21-openjdk (ELSA-2024-1828)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1828 advisory. 1:21.0.3.0.9-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:21.0.3.0.9-1 - Update to jdk-21.0.3+9 GA - Update release notes to 21.0.3+9 -...

K000139377: OpenJDK vulnerabilities CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, and CVE-2024-21094

Security Advisory Description CVE-2024-21011 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracl...

Debian dsa-5672 : openjdk-17-dbg - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5672 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Debian dsa-5671 : openjdk-11-dbg - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5671 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-1821)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1821 advisory. 1:11.0.23.0.9-2.0.1 - link atomic for ix86 build 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS - Restore ppc64le --with-jobs=1 workaround to avoid...

Debian dla-3793 : openjdk-11-dbg - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3793 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3793-1 [email protected]...

OpenJDK: integer overflow in C1 compiler address generation (8322122)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...