openjfx-17.0.18.0-1.1 on GA media (moderate)

openjfx-17.0.18.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:10204-1 Rating: moderate Cross-References: CVE-2026-21947 CVSS scores: CVE-2026-21947 SUSE : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now ...

OPENSUSE-SU-2026:10204-1 openjfx-17.0.18.0-1.1 on GA media

These are all security issues fixed in the openjfx-17.0.18.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13919-1 openjfx-17.0.11.0-1.1 on GA media

These are all security issues fixed in the openjfx-17.0.11.0-1.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:11119-1 openjfx-11.0.12-2.2 on GA media

These are all security issues fixed in the openjfx-11.0.12-2.2 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13609-1 openjfx-17.0.10.0-1.1 on GA media

These are all security issues fixed in the openjfx-17.0.10.0-1.1 package on the GA media of openSUSE Tumbleweed...

Fedora: Security Advisory for openjfx (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for openjfx8 (FEDORA-2024-129d8ca6fc)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 40 Update: openjfx-17.0.11.0-2.fc40

JavaFX/OpenJFX is a set of graphics and media APIs that enables Java developers to design, create, test, debug, and deploy rich client applications that operate consistently across diverse platforms. The media module have been removed due to missing dependencies...

GHSA-47G3-MF24-6559 Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated...

Vulnerability affecting the org.openjfx:javafx-media maven component of the OpenJFX project

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u391; Oracle GraalVM Enterprise Edition: 20.3.12 and 21.3.8. Difficult to exploit vulnerability allows unauthenticated...

CVE-2022-2122

DOS / potential heap overwrite in qtdemux using zlib decompression. Integer overflow in qtdemux element in qtdemuxinflate function which causes a segfault, or could cause a heap overwrite, depending on libc and OS. Depending on the libc used, and the underlying OS capabilities, it could be just a...

Amazon Corretto Java 8.x < 8.242.07.1 Multiple Vulnerabilities

The version of Amazon Corretto installed on the remote host is prior to 8 8.242.07.1. It is, therefore, affected by multiple vulnerabilities as referenced in the corretto-8-2020-Jan-14 advisory. - OpenJFX libxslt CVE-2019-13117, CVE-2019-13118 - OpenJFX SQLite CVE-2019-16168 - Serialization...

Privilege Escalation

openjfx is vulnerable to privilege escalation. A malicious user could exploit the vulnerability in Java SE and JavaFX components to gain elevated privileges...

Remote Code Execution (RCE)

openjfx is vulnerable to remote code execution RCE. The vulnerability exists due to the lack of proper validation of user-supplied data in HTML rendering in JavaFX which could result in a write past the end of an allocated data structure, allowing a malicious user to execute code in the context o...

Arbitrary Code Execution

openjfx is vulnerable to arbitrary code execution.An easy-to-exploit vulnerability allows an unauthenticated attacker to compromise and takeover the Java SE...

Privilege Escalation

openjfx is vulnerable to Privilege Escalation. A attacker can gain elevated privileges and access and modify data and cause denial of service conditions on the target system...

JavaFX WebEngine does not properly restrict Java method execution

Overview JavaFX, GUI library for Java applications, is provided with OracleJDK 7 through 10. Since OracleJDK 11, JavaFX is separately maintained and developed by OpenJFX project under OpenJDK community. JavaFX WebEngine component is capable of web content rendering, and possible to be configured ...

JVN#62161191: JavaFX WebEngine does not properly restrict Java method execution

JavaFX, GUI library for Java applications, is provided with OracleJDK 7 through 10. Since OracleJDK 11, JavaFX is separately maintained and developed by OpenJFX project under OpenJDK community. JavaFX WebEngine component is capable of web content rendering, and possible to be configured to allow...

Debian DSA-4005-1 : openjfx - security update

Two unspecified vulnerabilities were discovered in OpenJFX, a rich client application platform for Java. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-4005. The text itself is copyright ...

[SECURITY] [DSA 4005-1] openjfx security update

------------------------------------------------------------------------- Debian Security Advisory DSA-4005-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff October 20, 2017 https://www.debian.org/security/faq -...