Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : OpenJDK 25 vulnerabilities (USN-8339-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-8339-1 advisory. Thomas Beckers discovered that the JAXP component of OpenJDK 25 did not correctly authenticate certain APIs. A remote...

ROS-20250822-19

A vulnerability in the 2D component of the Oracle Java SE software platform and Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input validation. and Oracle GraalVM Enterprise Edition virtual machines is related to insufficient input...

USN-7690-1: OpenJDK 17 vulnerabilities

It was discovered that the 2D component of OpenJDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

USN-7672-1 openjdk-17-crac vulnerabilities

It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. CVE-2025-30749, CVE-2025-50106 VMashroor Hasan Bhuiyan discovered that the JSSE...

SUSE CVE-2010-3562

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update 25, 1.4.227, and 1.3.128 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October...

SUSE CVE-2010-3566

Unspecified vulnerability in the 2D component in Oracle Java SE and Java for Business 6 Update 21, 5.0 Update and 25 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: the previous information was obtained from the October 2010 CPU. Oracle ha...

UBUNTU-CVE-2022-21349

Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: 2D. Supported versions that are affected are Oracle Java SE: 7u321, 8u311; Oracle GraalVM Enterprise Edition: 20.3.4 and 21.3.0. Easily exploitable vulnerability allows unauthenticated...

UBUNTU-CVE-2019-2987

Vulnerability in the Java SE product of Oracle Java SE component: 2D. Supported versions that are affected are Java SE: 11.0.4 and 13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of this...

Unspecified Vulnerability in Oracle Java SE (CNVD-2019-37417)

Java SE is the Java Platform Standard Edition, for the development and deployment of desktop, server and embedded devices and real-time environment of Java applications. A security vulnerability exists in the 2D component of Oracle Java SE 11.0.4, 13. An attacker could exploit this vulnerability ...

JDK: Unspecified vulnerability fixed in 7u221 and 8u211 (2D)

Vulnerability in the Java SE component of Oracle Java SE subcomponent: 2D. Supported versions that are affected are Java SE: 7u211 and 8u202. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE. Successful attacks of...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

OpenJDK: reading of unprocessed image data in JPEGImageReader (2D, 8169209)

It was discovered that the JPEGImageReader implementation in the 2D component of OpenJDK would, in certain cases, read all image data even if it was not used later. A specially crafted image could cause a Java application to temporarily use an excessive amount of CPU and memory...

Oracle Java SE 2D Component Elevation of Privilege Vulnerability

Sun Java Runtime Environment is a solution that provides a reliable runtime environment for JAVA applications. An unspecified security vulnerability exists in the Sun Java Runtime Environment 2D component that could be exploited by remote attackers to elevate privileges...

Unspecified Arbitrary Code Execution Vulnerability in Oracle Java SE 2D Component

Oracle Java SE is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in the 2D subcomponent of Oracle Java SE, which can be exploited by a remote attacker to construct a malicious WEB page that can b...

Unspecified Vulnerability in Oracle Java SE 2D Component (CNVD-2015-04848)

Oracle Java SE is used to develop and deploy Java applications for desktops, servers, and embedded devices and real-time environments. A security vulnerability exists in the Security subcomponent of Oracle Java SE, which can be exploited by a remote attacker to construct a malicious web page and...

ICU: integer overflow in LETableReference verifyLength() (OpenJDK 2D, 8077520)

An information leak flaw was found in the 2D component in OpenJDK. An untrusted Java application or applet could use this flaw to bypass certain Java sandbox restrictions...

ICU: font parsing OOB read (OpenJDK 2D, 8055489)

A boundary check flaw was found in the font parsing code in the 2D component in OpenJDK. A specially crafted font file could allow an untrusted Java application or applet to disclose portions of the Java Virtual Machine memory...

OpenJDK: Specially crafted sample model integer overflow (2D, 8007014)

Unspecified vulnerability in the 2D component in the Java Runtime Environment JRE component in Oracle Java SE 7 Update 15 and earlier, 6 Update 41 and earlier, and 5.0 Update 40 and earlier allows remote attackers to execute arbitrary code via unknown vectors, a different vulnerability than...