CLSA-2025-1751133420 Fix CVE(s): CVE-2025-21587, CVE-2025-30691, CVE-2025-30698

Update to 8u452-ga fixing a number of CVEs - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling - Release notes: https://mail.openjdk.org/pipermail/jdk8u-dev/2025-April/019989.html...

Embedding Trust at Scale: Physics-Aware Neural Watermarking for Secure and Verifiable Data Pipelines

We present a robust neural watermarking framework for scientific data integrity, targeting high-dimensional fields common in climate modeling and fluid simulations. Using a convolutional autoencoder, binary messages are invisibly embedded into structured data such as temperature, vorticity, and...

IDOL: Improved Different Optimization Levels Testing for Solidity Compilers

As blockchain technology continues to evolve and mature, smart contracts have become a key driving force behind the digitization and automation of transactions. Smart contracts greatly simplify and refine the traditional business transaction processes, and thus have had a profound impact on vario...

Symbolic Generation and Modular Embedding of High-Quality Abc-Triples

We present a symbolic identity for generating integer triples $a, b, c$ satisfying $a + b = c$, inspired by structural features of the \emphabc conjecture. The construction uses powers of $2$ and $3$ in combination with modular inversion in $\mathbbZ/3^p\mathbbZ$, leading to a parametric identity...

Keyed Chaotic Dynamics for Privacy-Preserving Neural Inference

Neural network inference typically operates on raw input data, increasing the risk of exposure during preprocessing and inference. Moreover, neural architectures lack efficient built-in mechanisms for directly authenticating input data. This work introduces a novel encryption method for ensuring...

CLSA-2025-1748629211 java-11-openjdk: Fix of 3 CVEs

Upgrade to openjdk-11.0.27+6 GA. The following CVEs were fixed: - CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data - CVE-2025-30698: fix buffered image handling to avoid unauthorized access to accessible data - CVE-2025-30691: improve compiler...

USN-7533-1 openjdk-17-crac vulnerabilities

Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 17 incorrectly handled compiler transformations. An...

USN-7531-1 openjdk-21-crac vulnerabilities

Alicja Kario discovered that the JSSE component of CRaC JDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of CRaC JDK 21 incorrectly handled compiler transformations. An...

Adapting Novelty Towards Generating Antigens for Antivirus Systems

It is well known that anti-malware scanners depend on malware signatures to identify malware. However, even minor modifications to malware code structure results in a change in the malware signature thus enabling the variant to evade detection by scanners. Therefore, there exists the need for a...

CVE-2020-13893

Multiple stored cross-site scripting XSS vulnerabilities in Sage EasyPay 10.7.5.10 allow authenticated attackers to inject arbitrary web script or HTML via multiple parameters through Unicode Transformations Best-fit Mapping, as demonstrated by the full-width variants of the less-than sign...

AlmaLinux 9 : java-21-openjdk (ALSA-2025:3855)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:3855 advisory. JDK: Better TLS connection support CVE-2025-21587 JDK: Improve compiler transformations CVE-2025-30691 JDK: Enhance Buffered Image handling CVE-2025-30698...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

MGASA-2025-0156 Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

ALSA-2025:7508 Moderate: java-21-openjdk security update

The OpenJDK 21 runtime environment. Security Fixes: openjdk: Enhance Buffered Image handling Oracle CPU 2025-04 CVE-2025-30698 openjdk: Improve compiler transformations Oracle CPU 2025-04 CVE-2025-30691 openjdk: Better TLS connection support Oracle CPU 2025-04 CVE-2025-21587 For more details abou...

USN-7483-1 openjdk-21 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 21 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 21 incorrectly handled compiler transformations. An...

USN-7482-1 openjdk-17 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 17 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 17 incorrectly handled compiler transformations. An...

USN-7480-1 openjdk-8 vulnerabilities

Alicja Kario discovered that the JSSE component of OpenJDK 8 incorrectly handled RSA padding. An Attacker could possibly use this issue to obtain sensitive information. CVE-2025-21587 It was discovered that the Compiler component of OpenJDK 8 incorrectly handled compiler transformations. An...

Protocol Dialects As Formal Patterns: a Composable Theory of Lingos -- Technical Report

Protocol dialects are methods for modifying protocols that provide light-weight security, especially against easy attacks that can lead to more serious ones. A lingo is a dialect's key security component by making attackers unable to "speak" the lingo. A lingo's "talk" changes all the time,...

CLSA-2025-1745588218 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u452-b09 fixing the following CVEs: - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling...

CLSA-2025-1745588191 java-1.8.0-openjdk: Fix of 3 CVEs

Upgrade to shenandoah-jdk8u452-b09 fixing the following CVEs: - CVE-2025-21587: better TLS connection support - CVE-2025-30691: improve compiler transformations - CVE-2025-30698: enhance Buffered Image handling...