Amazon Linux 2023 : java-11-amazon-corretto, java-11-amazon-corretto-devel, java-11-amazon-corretto-headless (ALAS2023-2024-600)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-600 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-22-amazon-corretto, java-22-amazon-corretto-devel, java-22-amazon-corretto-headless (ALAS2023-2024-601)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-601 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java...

Amazon Linux 2023 : java-1.8.0-amazon-corretto, java-1.8.0-amazon-corretto-devel (ALAS2023-2024-602)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-602 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: JavaFX. Supported versions that are affected are Oracle Java SE: 8u401; Oracle GraalV...

CentOS 7 : java-11-openjdk (RHSA-2024:1821)

The remote CentOS Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1821 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supporte...

Azul Zulu Java Multiple Vulnerabilities (2024-01-16)

The version of Azul Zulu installed on the remote host is prior to 6 6.61.0.16 / 7 7.67.0.16 / 8 8.75.0.16 / 11 11.69.14 / 17 17.47.16 / 21 21.31.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2024-01-16 advisory. - Vulnerability in the Oracle Java SE, Oracle Graal...

K000139377: OpenJDK vulnerabilities CVE-2024-21011, CVE-2024-21012, CVE-2024-21068, CVE-2024-21085, and CVE-2024-21094

Security Advisory Description CVE-2024-21011 Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions that are affected are Oracle Java SE: 8u401, 8u401-perf, 11.0.22, 17.0.10, 21.0.2, 22; Oracl...

Debian dsa-5672 : openjdk-17-dbg - security update

The remote Debian 11 / 12 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5672 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported...

Debian dsa-5671 : openjdk-11-dbg - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5671 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Supported versions...

Oracle Linux 7 : java-11-openjdk (ELSA-2024-1821)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1821 advisory. 1:11.0.23.0.9-2.0.1 - link atomic for ix86 build 1:11.0.23.0.9-2 - Fix 11.0.22 release date in NEWS - Restore ppc64le --with-jobs=1 workaround to avoid...

OpenJDK: C2 compilation fails with "Exceeded _node_regs array" (8317507)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: integer overflow in C1 compiler address generation (8322122)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: Pack200 excessive memory allocation (8322114)

A flaw was found in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Concurrency. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM Enterprise Edition...

Oracle Java (Apr 2024 CPU)

The 8u401, 20.3.13, 21.3.9, 11.0.23, 17.0.10, 21.0.3, 22, and perf versions of Java installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java S...

Oracle Linux 8 / 9 : java-17-openjdk (ELSA-2024-1825)

The remote Oracle Linux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-1825 advisory. 17.0.11.0.9-2.0.1 - Add Oracle vendor bug URL 1:17.0.11.0.9-2 - Update to jdk-17.0.11+9 GA - Add openjdk-17.0.11+9.tar.xz to .gitignore - Sync...

AlmaLinux 8 / 9 : java-1.8.0-openjdk (ALSA-2024:1818)

The remote AlmaLinux 8 / 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2024:1818 advisory. - Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Support...

OpenJDK: long Exception message leading to crash (8319851)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: integer overflow in C1 compiler address generation (8322122)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

OpenJDK: long Exception message leading to crash (8319851)

A flaw was found in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Hotspot. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalV...

Unspecified Vulnerability in Oracle Java SE (CNVD-2024-24970)

Oracle Java SE is a product of Oracle Corporation.Oracle Java SE is a Java application for the development and deployment of desktop, server, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE for Oracle Java SE, Oracle GraalVM for JDK, and Oracle...

Unspecified Vulnerability in Oracle Java SE (CNVD-2024-48675)

Oracle Java SE is a for developing and deploying Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in Oracle Java SE for Oracle Java SE and Oracle GraalVM Enterprise Edition. An attacker could exploit the vulnerability to cau...