Vulnerability-Lookup

BDU:2025-11078

Vulnerability from fstec - Published: 15.04.2025

Title

Уязвимость компонента 2D программной платформы Oracle Java SE и виртуальной машины Oracle GraalVM, позволяющая нарушителю вызвать отказ в обслуживании

Description

Уязвимость компонента 2D программной платформы Oracle Java SE и виртуальной машины Oracle GraalVM Enterprise Edition связана с недостатками контроля доступа. Эксплуатация уязвимости может позволить нарушителю, действующему удаленно, вызвать отказ в обслуживании

Severity ?


                    
                      AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

Vendor

Canonical Ltd., Сообщество свободного программного обеспечения, Red Hat Inc., Oracle Corp., АО "НППКТ", АО «СберТех»

Software Name

Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, Java SE, Oracle GraalVM for JDK, GraalVM Enterprise Edition, ОСОН ОСнова Оnyx (запись в едином реестре российских программ №5913), Platform V SberLinux OS Server (запись в едином реестре российских программ №18785), Red Hat build of OpenJDK

Software Version

16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 22.04 LTS (Ubuntu), 24.04 LTS (Ubuntu), 7 Extended Lifecycle Support (Red Hat Enterprise Linux), 8u441 (Java SE), 8u441-perf (Java SE), 11.0.26 (Java SE), 17.0.14 (Java SE), 21.0.6 (Java SE), 24 (Java SE), 17.0.14 (Oracle GraalVM for JDK), 21.0.6 (Oracle GraalVM for JDK), 24 (Oracle GraalVM for JDK), 20.3.17 (GraalVM Enterprise Edition), 21.3.13 (GraalVM Enterprise Edition), 25.04 (Ubuntu), 10 (Red Hat Enterprise Linux), до 2.13 (ОСОН ОСнова Оnyx), 9.1 (Platform V SberLinux OS Server), 11.0.27 ELS (Red Hat build of OpenJDK), 17.0.15 (Red Hat build of OpenJDK), 21.0.7 (Red Hat build of OpenJDK), 8u452 (Red Hat build of OpenJDK)

Possible Mitigations

Использование рекомендаций производителя: https://www.oracle.com/security-alerts/cpuapr2025.html Для программных продуктов Red Hat Inc.: https://access.redhat.com/security/cve/cve-2025-30698 Для программных продуктов Debian GNU/Linux: https://security-tracker.debian.org/tracker/CVE-2025-30698 Для программных продуктов Ubuntu: https://ubuntu.com/security/CVE-2025-30698 Обновление программного обеспечения openjdk-11 до версии 11.0.27+6.repack-1~deb11u1.osnova2u1

Reference

https://www.oracle.com/security-alerts/cpuapr2025.html https://access.redhat.com/security/cve/cve-2025-30698 https://security-tracker.debian.org/tracker/CVE-2025-30698 https://ubuntu.com/security/CVE-2025-30698 https://поддержка.нппкт.рф/bin/view/ОСнова/Обновления/2.13/

CWE

CWE-284

JSON

To clipboard

{
  "CVSS 2.0": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
  "CVSS 3.0": "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
  "CVSS 4.0": null,
  "remediation_\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "TO2353",
  "remediation_\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435": "TO2353 \u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 GraalVM",
  "\u0412\u0435\u043d\u0434\u043e\u0440 \u041f\u041e": "Canonical Ltd., \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f, Red Hat Inc., Oracle Corp., \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\", \u0410\u041e \u00ab\u0421\u0431\u0435\u0440\u0422\u0435\u0445\u00bb",
  "\u0412\u0435\u0440\u0441\u0438\u044f \u041f\u041e": "16.04 LTS (Ubuntu), 18.04 LTS (Ubuntu), 20.04 LTS (Ubuntu), 11 (Debian GNU/Linux), 12 (Debian GNU/Linux), 22.04 LTS (Ubuntu), 24.04 LTS (Ubuntu), 7 Extended Lifecycle Support (Red Hat Enterprise Linux), 8u441 (Java SE), 8u441-perf (Java SE), 11.0.26 (Java SE), 17.0.14 (Java SE), 21.0.6 (Java SE), 24 (Java SE), 17.0.14 (Oracle GraalVM for JDK), 21.0.6 (Oracle GraalVM for JDK), 24 (Oracle GraalVM for JDK), 20.3.17 (GraalVM Enterprise Edition), 21.3.13 (GraalVM Enterprise Edition), 25.04 (Ubuntu), 10 (Red Hat Enterprise Linux), \u0434\u043e 2.13 (\u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx), 9.1 (Platform V SberLinux OS Server), 11.0.27 ELS (Red Hat build of OpenJDK), 17.0.15 (Red Hat build of OpenJDK), 21.0.7 (Red Hat build of OpenJDK), 8u452 (Red Hat build of OpenJDK)",
  "\u0412\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u0435 \u043c\u0435\u0440\u044b \u043f\u043e \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e": "\u0418\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435 \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u0430\u0446\u0438\u0439 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u044f:\nhttps://www.oracle.com/security-alerts/cpuapr2025.html\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Red Hat Inc.:\nhttps://access.redhat.com/security/cve/cve-2025-30698\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Debian GNU/Linux:\nhttps://security-tracker.debian.org/tracker/CVE-2025-30698\n\n\u0414\u043b\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u044b\u0445 \u043f\u0440\u043e\u0434\u0443\u043a\u0442\u043e\u0432 Ubuntu:\nhttps://ubuntu.com/security/CVE-2025-30698\n\n\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f openjdk-11 \u0434\u043e \u0432\u0435\u0440\u0441\u0438\u0438 11.0.27+6.repack-1~deb11u1.osnova2u1",
  "\u0414\u0430\u0442\u0430 \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u0438\u044f": "15.04.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f": "24.10.2025",
  "\u0414\u0430\u0442\u0430 \u043f\u0443\u0431\u043b\u0438\u043a\u0430\u0446\u0438\u0438": "14.09.2025",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440": "BDU:2025-11078",
  "\u0418\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u044b \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "CVE-2025-30698, RHSA-2025:3846, RHSA-2025:3847, RHSA-2025:3849, RHSA-2025:3850, RHSA-2025:3853, RHSA-2025:3854, RHSA-2025:3856, RHSA-2025:3857, RHSA-2025:7508, RHSA-2025:8063",
  "\u0418\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f \u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0430",
  "\u041a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u0434\u0430",
  "\u041d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 \u041f\u041e": "Ubuntu, Debian GNU/Linux, Red Hat Enterprise Linux, Java SE, Oracle GraalVM for JDK, GraalVM Enterprise Edition, \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), Platform V SberLinux OS Server (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211618785), Red Hat build of OpenJDK",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u041e\u0421 \u0438 \u0442\u0438\u043f \u0430\u043f\u043f\u0430\u0440\u0430\u0442\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b": "Canonical Ltd. Ubuntu 16.04 LTS , Canonical Ltd. Ubuntu 18.04 LTS , Canonical Ltd. Ubuntu 20.04 LTS , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 11 , \u0421\u043e\u043e\u0431\u0449\u0435\u0441\u0442\u0432\u043e \u0441\u0432\u043e\u0431\u043e\u0434\u043d\u043e\u0433\u043e \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f Debian GNU/Linux 12 , Canonical Ltd. Ubuntu 22.04 LTS , Canonical Ltd. Ubuntu 24.04 LTS , Red Hat Inc. Red Hat Enterprise Linux 7 Extended Lifecycle Support , Canonical Ltd. Ubuntu 25.04 , Red Hat Inc. Red Hat Enterprise Linux 10 , \u0410\u041e \"\u041d\u041f\u041f\u041a\u0422\" \u041e\u0421\u041e\u041d \u041e\u0421\u043d\u043e\u0432\u0430 \u041enyx \u0434\u043e 2.13  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u21165913), \u0410\u041e \u00ab\u0421\u0431\u0435\u0440\u0422\u0435\u0445\u00bb Platform V SberLinux OS Server 9.1  (\u0437\u0430\u043f\u0438\u0441\u044c \u0432 \u0435\u0434\u0438\u043d\u043e\u043c \u0440\u0435\u0435\u0441\u0442\u0440\u0435 \u0440\u043e\u0441\u0441\u0438\u0439\u0441\u043a\u0438\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c \u211618785)",
  "\u041d\u0430\u0438\u043c\u0435\u043d\u043e\u0432\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 2D \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Oracle Java SE \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b Oracle GraalVM, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041d\u0430\u043b\u0438\u0447\u0438\u0435 \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "\u041d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044c \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (CWE-284)",
  "\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043a\u043e\u043c\u043f\u043e\u043d\u0435\u043d\u0442\u0430 2D \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0439 \u043f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u044b Oracle Java SE \u0438 \u0432\u0438\u0440\u0442\u0443\u0430\u043b\u044c\u043d\u043e\u0439 \u043c\u0430\u0448\u0438\u043d\u044b Oracle GraalVM Enterprise Edition \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 \u043d\u0435\u0434\u043e\u0441\u0442\u0430\u0442\u043a\u0430\u043c\u0438 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430. \u042d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u043e\u0437\u0432\u043e\u043b\u0438\u0442\u044c \u043d\u0430\u0440\u0443\u0448\u0438\u0442\u0435\u043b\u044e, \u0434\u0435\u0439\u0441\u0442\u0432\u0443\u044e\u0449\u0435\u043c\u0443 \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e, \u0432\u044b\u0437\u0432\u0430\u0442\u044c \u043e\u0442\u043a\u0430\u0437 \u0432 \u043e\u0431\u0441\u043b\u0443\u0436\u0438\u0432\u0430\u043d\u0438\u0438",
  "\u041f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": null,
  "\u041f\u0440\u043e\u0447\u0430\u044f \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u044f": null,
  "\u0421\u0432\u044f\u0437\u044c \u0441 \u0438\u043d\u0446\u0438\u0434\u0435\u043d\u0442\u0430\u043c\u0438 \u0418\u0411": "\u0414\u0430\u043d\u043d\u044b\u0435 \u0443\u0442\u043e\u0447\u043d\u044f\u044e\u0442\u0441\u044f",
  "\u0421\u043e\u0441\u0442\u043e\u044f\u043d\u0438\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d\u0430",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f": "\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u0435 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u043d\u043e\u0433\u043e \u043e\u0431\u0435\u0441\u043f\u0435\u0447\u0435\u043d\u0438\u044f",
  "\u0421\u043f\u043e\u0441\u043e\u0431 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438": "\u041d\u0430\u0440\u0443\u0448\u0435\u043d\u0438\u0435 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0438\u0438",
  "\u0421\u0441\u044b\u043b\u043a\u0438 \u043d\u0430 \u0438\u0441\u0442\u043e\u0447\u043d\u0438\u043a\u0438": "https://www.oracle.com/security-alerts/cpuapr2025.html\nhttps://access.redhat.com/security/cve/cve-2025-30698\nhttps://security-tracker.debian.org/tracker/CVE-2025-30698\nhttps://ubuntu.com/security/CVE-2025-30698\nhttps://\u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u0430.\u043d\u043f\u043f\u043a\u0442.\u0440\u0444/bin/view/\u041e\u0421\u043d\u043e\u0432\u0430/\u041e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f/2.13/",
  "\u0421\u0442\u0430\u0442\u0443\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u041f\u043e\u0434\u0442\u0432\u0435\u0440\u0436\u0434\u0435\u043d\u0430 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u043c",
  "\u0422\u0438\u043f \u041f\u041e": "\u041e\u043f\u0435\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u0430\u044f \u0441\u0438\u0441\u0442\u0435\u043c\u0430, \u041f\u0440\u0438\u043a\u043b\u0430\u0434\u043d\u043e\u0435 \u041f\u041e \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c",
  "\u0422\u0438\u043f \u043e\u0448\u0438\u0431\u043a\u0438 CWE": "CWE-284",
  "\u0423\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438": "\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 2.0 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,1)\n\u0421\u0440\u0435\u0434\u043d\u0438\u0439 \u0443\u0440\u043e\u0432\u0435\u043d\u044c \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438 (\u0431\u0430\u0437\u043e\u0432\u0430\u044f \u043e\u0446\u0435\u043d\u043a\u0430 CVSS 3.1 \u0441\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 5,6)"
}

RHSA-2025:8063

Vulnerability from csaf_redhat - Published: 2025-05-21 08:33 - Updated: 2026-03-18 03:00

Summary

Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk bug fix and enhancement update

Severity

Moderate

Notes

Topic: An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.

Details: The IBM Semeru Runtime Certified Edition 21 runtime environment. Bug Fix(es) and Enhancement(s): * CVE-2025-21587 CVE-2025-30698 CVE-2025-2900 java-21-ibm-semeru-certified-jdk: various flaws (JIRA:RHEL-92092)

Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

CVE-2025-2900

A flaw was found in IBM Semeru Runtime. This vulnerability allows a denial of service via a crafted AES/CBC encrypted input.

7.5 (High)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE-122 - Heap-based Buffer Overflow

Vendor Fix For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 https://access.redhat.com/errata/RHSA-2025:8063

CVE-2025-21587

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).

7.4 (High)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N

CWE-208 - Observable Timing Discrepancy

CVE-2025-30698

Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and 21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).

5.6 (Medium)


                        
                          CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L

CWE-122 - Heap-based Buffer Overflow

References

URL

Category

	https://access.redhat.com/errata/RHSA-2025:8063	self
	https://access.redhat.com/security/updates/classi…	external
	https://security.access.redhat.com/data/csaf/v2/a…	self
	https://access.redhat.com/security/cve/CVE-2025-2900	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2366318	external
	https://www.cve.org/CVERecord?id=CVE-2025-2900	external
	https://nvd.nist.gov/vuln/detail/CVE-2025-2900	external
	https://www.ibm.com/support/pages/apar/IJ54115	external
	https://www.ibm.com/support/pages/node/7233415	external
	https://access.redhat.com/security/cve/CVE-2025-21587	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2359695	external
	https://www.cve.org/CVERecord?id=CVE-2025-21587	external
	https://nvd.nist.gov/vuln/detail/CVE-2025-21587	external
	https://access.redhat.com/security/cve/CVE-2025-30698	self
	https://bugzilla.redhat.com/show_bug.cgi?id=2359693	external
	https://www.cve.org/CVERecord?id=CVE-2025-30698	external
	https://nvd.nist.gov/vuln/detail/CVE-2025-30698	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://access.redhat.com/security/updates/classification/",
      "text": "Moderate"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "An update for java-21-ibm-semeru-certified-jdk is now available for Red Hat Enterprise Linux 10.",
        "title": "Topic"
      },
      {
        "category": "general",
        "text": "The IBM Semeru Runtime Certified Edition 21 runtime environment.\n\nBug Fix(es) and Enhancement(s):\n\n* CVE-2025-21587 CVE-2025-30698 CVE-2025-2900 java-21-ibm-semeru-certified-jdk: various flaws (JIRA:RHEL-92092)",
        "title": "Details"
      },
      {
        "category": "legal_disclaimer",
        "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
        "title": "Terms of Use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://access.redhat.com/security/team/contact/",
      "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
      "name": "Red Hat Product Security",
      "namespace": "https://www.redhat.com"
    },
    "references": [
      {
        "category": "self",
        "summary": "https://access.redhat.com/errata/RHSA-2025:8063",
        "url": "https://access.redhat.com/errata/RHSA-2025:8063"
      },
      {
        "category": "external",
        "summary": "https://access.redhat.com/security/updates/classification/#moderate",
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "category": "self",
        "summary": "Canonical URL",
        "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_8063.json"
      }
    ],
    "title": "Red Hat Security Advisory: java-21-ibm-semeru-certified-jdk bug fix and enhancement update",
    "tracking": {
      "current_release_date": "2026-03-18T03:00:20+00:00",
      "generator": {
        "date": "2026-03-18T03:00:20+00:00",
        "engine": {
          "name": "Red Hat SDEngine",
          "version": "4.7.3"
        }
      },
      "id": "RHSA-2025:8063",
      "initial_release_date": "2025-05-21T08:33:14+00:00",
      "revision_history": [
        {
          "date": "2025-05-21T08:33:14+00:00",
          "number": "1",
          "summary": "Initial version"
        },
        {
          "date": "2025-05-21T08:33:14+00:00",
          "number": "2",
          "summary": "Last updated version"
        },
        {
          "date": "2026-03-18T03:00:20+00:00",
          "number": "3",
          "summary": "Last generated version"
        }
      ],
      "status": "final",
      "version": "3"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux Supplementary (v. 10)",
                "product": {
                  "name": "Red Hat Enterprise Linux Supplementary (v. 10)",
                  "product_id": "Supplementary-10.0.Z",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:10.0"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "Red Hat Enterprise Linux"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
                  "product_id": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk@21.0.7.0.6-1.el10_0?arch=src\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "src"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk@21.0.7.0.6-1.el10_0?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-devel@21.0.7.0.6-1.el10_0?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-headless@21.0.7.0.6-1.el10_0?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-jmods@21.0.7.0.6-1.el10_0?arch=x86_64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-src@21.0.7.0.6-1.el10_0?arch=x86_64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_id": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk@21.0.7.0.6-1.el10_0?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_id": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-devel@21.0.7.0.6-1.el10_0?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_id": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-headless@21.0.7.0.6-1.el10_0?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_id": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-jmods@21.0.7.0.6-1.el10_0?arch=s390x\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_id": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-src@21.0.7.0.6-1.el10_0?arch=s390x\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk@21.0.7.0.6-1.el10_0?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-devel@21.0.7.0.6-1.el10_0?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-headless@21.0.7.0.6-1.el10_0?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-jmods@21.0.7.0.6-1.el10_0?arch=aarch64\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_id": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-src@21.0.7.0.6-1.el10_0?arch=aarch64\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "aarch64"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_id": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk@21.0.7.0.6-1.el10_0?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_id": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-devel@21.0.7.0.6-1.el10_0?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_id": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-headless@21.0.7.0.6-1.el10_0?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_id": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-jmods@21.0.7.0.6-1.el10_0?arch=ppc64le\u0026epoch=1"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
                "product": {
                  "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_id": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
                  "product_identification_helper": {
                    "purl": "pkg:rpm/redhat/java-21-ibm-semeru-certified-jdk-src@21.0.7.0.6-1.el10_0?arch=ppc64le\u0026epoch=1"
                  }
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64 as a component of Red Hat Enterprise Linux Supplementary (v. 10)",
          "product_id": "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
        },
        "product_reference": "java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64",
        "relates_to_product_reference": "Supplementary-10.0.Z"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-2900",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2025-05-14T19:00:56.465806+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2366318"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "A flaw was found in IBM Semeru Runtime. This vulnerability allows a denial of service via a crafted AES/CBC encrypted input.",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "ibm-semeru: IBM Semeru Runtime denial of service",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "This vulnerability is rated as an important severity because a denial of service vulnerability was found in IBM Semeru Runtime in its native AES/CBC encryption implementation, this is a heap-based buffer overflow caused by a defect, which can lead to a subsequent crash. This issue results in a denial of service, significantly impacting the availability of the runtime.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-2900"
        },
        {
          "category": "external",
          "summary": "RHBZ#2366318",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2366318"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-2900",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-2900"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-2900",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-2900"
        },
        {
          "category": "external",
          "summary": "https://www.ibm.com/support/pages/apar/IJ54115",
          "url": "https://www.ibm.com/support/pages/apar/IJ54115"
        },
        {
          "category": "external",
          "summary": "https://www.ibm.com/support/pages/node/7233415",
          "url": "https://www.ibm.com/support/pages/node/7233415"
        }
      ],
      "release_date": "2025-05-14T18:50:27.327000+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-21T08:33:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:8063"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "HIGH",
            "baseScore": 7.5,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
            "version": "3.1"
          },
          "products": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Important"
        }
      ],
      "title": "ibm-semeru: IBM Semeru Runtime denial of service"
    },
    {
      "cve": "CVE-2025-21587",
      "cwe": {
        "id": "CWE-208",
        "name": "Observable Timing Discrepancy"
      },
      "discovery_date": "2025-04-15T07:43:27.892000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2359695"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE).  Supported versions that are affected are Oracle Java SE:8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK:17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition:20.3.17 and  21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized creation, deletion or modification access to critical data or all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as  unauthorized access to critical data or complete access to all Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability can be exploited by using APIs in the specified Component, e.g., through a web service which supplies data to the APIs. This vulnerability also applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. CVSS 3.1 Base Score 7.4 (Confidentiality and Integrity impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openjdk: Better TLS connection support (Oracle CPU 2025-04)",
          "title": "Vulnerability summary"
        },
        {
          "category": "other",
          "text": "The severity of this vulnerability is considered Moderate rather than Important due to the specific conditions required for exploitation and the complexity involved in executing the attack.",
          "title": "Statement"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-21587"
        },
        {
          "category": "external",
          "summary": "RHBZ#2359695",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359695"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-21587",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-21587"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-21587",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-21587"
        }
      ],
      "release_date": "2025-04-15T21:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-21T08:33:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:8063"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
            "version": "3.1"
          },
          "products": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openjdk: Better TLS connection support (Oracle CPU 2025-04)"
    },
    {
      "cve": "CVE-2025-30698",
      "cwe": {
        "id": "CWE-122",
        "name": "Heap-based Buffer Overflow"
      },
      "discovery_date": "2025-04-15T07:38:28.558000+00:00",
      "ids": [
        {
          "system_name": "Red Hat Bugzilla ID",
          "text": "2359693"
        }
      ],
      "notes": [
        {
          "category": "description",
          "text": "Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D).  Supported versions that are affected are Oracle Java SE: 8u441, 8u441-perf, 11.0.26, 17.0.14, 21.0.6, 24; Oracle GraalVM for JDK: 17.0.14, 21.0.6, 24; Oracle GraalVM Enterprise Edition: 20.3.17 and  21.3.13. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data as well as  unauthorized read access to a subset of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.6 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).",
          "title": "Vulnerability description"
        },
        {
          "category": "summary",
          "text": "openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)",
          "title": "Vulnerability summary"
        },
        {
          "category": "general",
          "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
          "title": "CVSS score applicability"
        }
      ],
      "product_status": {
        "fixed": [
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
          "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
        ]
      },
      "references": [
        {
          "category": "self",
          "summary": "Canonical URL",
          "url": "https://access.redhat.com/security/cve/CVE-2025-30698"
        },
        {
          "category": "external",
          "summary": "RHBZ#2359693",
          "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2359693"
        },
        {
          "category": "external",
          "summary": "https://www.cve.org/CVERecord?id=CVE-2025-30698",
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-30698"
        },
        {
          "category": "external",
          "summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-30698",
          "url": "https://nvd.nist.gov/vuln/detail/CVE-2025-30698"
        }
      ],
      "release_date": "2025-04-15T21:00:00+00:00",
      "remediations": [
        {
          "category": "vendor_fix",
          "date": "2025-05-21T08:33:14+00:00",
          "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
          "product_ids": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ],
          "restart_required": {
            "category": "none"
          },
          "url": "https://access.redhat.com/errata/RHSA-2025:8063"
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "attackComplexity": "HIGH",
            "attackVector": "NETWORK",
            "availabilityImpact": "LOW",
            "baseScore": 5.6,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L",
            "version": "3.1"
          },
          "products": [
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.src",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-devel-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-headless-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-jmods-1:21.0.7.0.6-1.el10_0.x86_64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.aarch64",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.ppc64le",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.s390x",
            "Supplementary-10.0.Z:java-21-ibm-semeru-certified-jdk-src-1:21.0.7.0.6-1.el10_0.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "details": "Moderate"
        }
      ],
      "title": "openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)"
    }
  ]
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

BDU:2025-11078

RHSA-2025:8063

Tags

Sightings

Nomenclature