SUSE SLED15 / SLES15 Security Update : java-25-openjdk (SUSE-SU-2026:1704-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1704-1 advisory. Update to upstream tag jdk-25.0.3+9 April 2026 CPU. Security issues fixed: - CVE-2026-22007: Security:...

java-11-openj9-11.0.31.0-1.1 on GA media (moderate)

java-11-openj9-11.0.31.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10724-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

java-17-openj9-17.0.19.0-1.1 on GA media (moderate)

java-17-openj9-17.0.19.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10725-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

java-21-openj9-21.0.11.0-1.1 on GA media (moderate)

java-21-openj9-21.0.11.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10727-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

java-1_8_0-openj9-1.8.0.492-1.1 on GA media (moderate)

java-180-openj9-1.8.0.492-1.1 on GA media Announcement ID: openSUSE-SU-2026:10726-1 Rating: moderate Cross-References: CVE-2026-22007 CVE-2026-22016 CVE-2026-22021 CVE-2026-34268 CVSS scores: CVE-2026-22007 SUSE : 2.9 CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N CVE-2026-22007 SUSE : 2.1...

CVE-2026-8211

A vulnerability was detected in codelibs Fess up to 15.5.1. Affected by this issue is the function update of the file org/codelibs/fess/app/web/admin/design/AdminDesignAction.java of the component JSP File Handler. The manipulation of the argument content results in code injection. The attack may...

Amazon Linux 2 : java-1.8.0-amazon-corretto, --advisory ALAS2CORRETTO8-2026-023 (ALASCORRETTO8-2026-023)

The version of java-1.8.0-amazon-corretto installed on the remote host is prior to 1.8.0492.b09-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2CORRETTO8-2026-023 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise...

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-26-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-21-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-11-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-1.8.0-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Important: java-17-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Fess 注入漏洞

Fess is a powerful and easy-to-deploy enterprise search server developed by the CodeLibs Project. Versions of Fess 15.5.1 and earlier contained a vulnerability due to an injection flaw in the JSP File Handler component. This flaw stemmed from the update function in the...

Amazon Linux 2023 : java-26-amazon-corretto, java-26-amazon-corretto-devel, java-26-amazon-corretto-headless (ALAS2023-2026-1682)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1682 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

Important: java-25-amazon-corretto

Issue Overview: Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV...

Amazon Linux 2023 : java-25-amazon-corretto, java-25-amazon-corretto-devel, java-25-amazon-corretto-headless (ALAS2023-2026-1686)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1686 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...

Amazon Linux 2023 : java-21-amazon-corretto, java-21-amazon-corretto-devel, java-21-amazon-corretto-headless (ALAS2023-2026-1683)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2026-1683 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Security. Supported versions that are affected are Oracle Ja...