12 matches found
USN-8332-1 openjdk-17-crac vulnerabilities
Thomas Beckers discovered that the JAXP component of CRaC JDK 17 did not correctly authenticate certain APIs. A remote unauthenticated attacker could possibly use this issue to gain unauthorized access to sensitive information. CVE-2026-22016 It was discovered that the Networking component of CRa...
OPENSUSE-SU-2026:20134-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.18+8 January 2026 CPU Security fixes: - CVE-2026-21925: Fixed Oracle Java SE component RMI bsc1257034. - CVE-2026-21932: Fixed Oracle Java SE component AWT and JavaFX bsc1257036. - CVE-2026-21933: Fixed...
Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2026-0927)
The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2026-0927 advisory. 1:17.0.18.0.8-1.0.1 - Add Oracle vendor bug URL Orabug: 34340155 1:17.0.18.0.8-1 - Update to jdk-17.0.18+8 GA - Add to .gitignore...
Ubuntu 25.04 / 25.10 : CRaC JDK 17 vulnerabilities (USN-7900-1)
The remote Ubuntu 25.04 / 25.10 host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-7900-1 advisory. Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An...
openSUSE 16 Security Update : java-17-openjdk (openSUSE-SU-2025-20125-1)
The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025-20125-1 advisory. Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53066: Fixed enhance path factories bsc1252417. - CVE-2025-53057: Fixed...
USN-7900-1 openjdk-17-crac vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
USN-7900-1: CRaC JDK 17 vulnerabilities
Jinfeng Guo discovered that the Security component of CRaC JDK 17 did not correctly handle certain representations of encoded strings. An unauthenticated remote attacker could possibly use this issue to modify files or leak sensitive information. CVE-2025-53057 Darius Bohni discovered that the JA...
SUSE SLED15: java-17-openjdk / java-17-openjdk-demo / java-17-openjdk-devel / etc (SUSE-SU-2025:3997-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:3997-1 advisory. Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53057: Fixed unauthenticated...
SUSE-SU-2025:3997-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Upgrade to upstream tag jdk-17.0.17+10 October 2025 CPU: - CVE-2025-53057: Fixed unauthenticated attacker can achieve unauthorized creation, deletion or modification access to critical data bsc1252414. - CVE-2025-53066: Fixed...
USN-7672-1 openjdk-17-crac vulnerabilities
It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...
SUSE-SU-2025:01490-1 Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: + CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 + CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...
Security update for java-17-openjdk
This update for java-17-openjdk fixes the following issues: Update to upstream tag jdk-17.0.15+6 April 2025 CPU CVEs: CVE-2025-21587: Fixed JSSE unauthorized access, deletion or modification of critical data bsc1241274 CVE-2025-30691: Fixed Oracle Java SE Compiler Unauthorized Data Access...