GHSA-36XM-WX7C-G2HQ vulnerabilities

Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...

Photon OS 5.0: Openjdk17 PHSA-2025-5.0-0468

An update of the openjdk17 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0468. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Openjdk17 PHSA-2025-4.0-0743

An update of the openjdk17 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0743. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Important Photon OS Security Update - PHSA-2025-4.0-0743

Updates of 'openjdk17', 'linux' packages of Photon OS have been released...

Photon OS 3.0: Openjdk17 PHSA-2023-3.0-0598

An update of the openjdk17 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0598. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Openjdk17 PHSA-2023-4.0-0409

An update of the openjdk17 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0409. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Openjdk17 PHSA-2023-5.0-0028

An update of the openjdk17 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0028. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

USN-6661-1: OpenJDK 17 vulnerabilities

Yi Yang discovered that the Hotspot component of OpenJDK 17 incorrectly handled array accesses in the C1 compiler. An attacker could possibly use this issue to cause a denial of service, execute arbitrary code or bypass Java sandbox restrictions. CVE-2024-20918 It was discovered that the Hotspot...

Important Photon OS Security Update - PHSA-2023-3.0-0598

Updates of 'openjdk17', 'linux-esx', 'sysstat', 'linux-secure', 'linux-aws', 'linux-rt', 'linux' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2023-5.0-0028

Updates of 'openjdk17' packages of Photon OS have been released...

Important Photon OS Security Update - PHSA-2023-4.0-0409

Updates of 'openjdk17' packages of Photon OS have been released...

Remote Code Execution (RCE)

openjdk17 is vulnerable to remote code execution. The vulnerability exists in Oracle Java SE and Oracle GraalVM Enterprise Edition which allows an unauthenticated attacker to update, insert or delete Oracle Java SE, Oracle GraalVM Enterprise Edition accessible data...

CentOS 8 : maven:3.6 (CESA-2022:4797)

The remote CentOS Linux 8 host has packages installed that are affected by a vulnerability as referenced in the CESA-2022:4797 advisory. - maven-shared-utils: Command injection via Commandline class CVE-2022-29599 Note that Nessus has not tested for this issue but has instead relied only on the...

maven:3.6 security and enhancement update

httpcomponents-client 4.5.10-4 - Fix incorrect handling of malformed authority component in request URIs - Resolves: CVE-2020-13956 maven 1:3.6.2-7 - Add maven-openjdk17 - Resolves: rhbz1991521...

Denial Of Service (DoS)

openjdk17 is vulnerable to denial of service. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle...

Remote Code Execution (RCE)

openjdk17 is vulnerable to remote code execution. It allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to...