ΠΠΏΠΈΡΠ°Π½ΠΈΠ΅
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java de...
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | ignored | superseded by openjdk-17 |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| esm-apps/focal | ignored | superseded by openjdk-17 |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 17.0.16+8-1 |
| esm-apps/bionic | released | 17.0.16+8~us1-0ubuntu1~18.04.1 |
| esm-apps/focal | released | 17.0.16+8~us1-0ubuntu1~20.04.6 |
| esm-apps/jammy | released | 17.0.16+8~us1-0ubuntu1~22.04.1 |
| jammy | released | 17.0.16+8~us1-0ubuntu1~22.04.1 |
| noble | released | 17.0.16+8~us1-0ubuntu1~24.04.1 |
| plucky | released | 17.0.16+8~us1-0ubuntu1~25.04.1 |
| questing | released | 17.0.16+8-1 |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 17.0.16+8-0ubuntu1 |
| jammy | DNE | |
| noble | DNE | |
| plucky | released | 17.0.16+8-0ubuntu2~25.04 |
| questing | released | 17.0.16+8-0ubuntu1 |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| jammy | ignored | superseded by openjdk-19 |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| jammy | ignored | no longer supported by upstream |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 21.0.8+9-1 |
| esm-apps/focal | released | 21.0.8+9~us1-0ubuntu1~20.04.1 |
| esm-apps/jammy | released | 21.0.8+9~us1-0ubuntu1~22.04.1 |
| focal | ignored | end of standard support, was needed |
| jammy | released | 21.0.8+9~us1-0ubuntu1~22.04.1 |
| noble | released | 21.0.8+9~us1-0ubuntu1~24.04.1 |
| plucky | released | 21.0.8+9~us1-0ubuntu1~25.04.1 |
| questing | released | 21.0.8+9-1 |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 21.0.8+9-0ubuntu1 |
| jammy | DNE | |
| noble | DNE | |
| plucky | released | 21.0.8+9-0ubuntu2~25.04 |
| questing | released | 21.0.8+9-0ubuntu1 |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| jammy | DNE | |
| noble | DNE | |
| plucky | released | 24.0.2+12~us1-0ubuntu1~25.04.1 |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | needs-triage | |
| jammy | needs-triage | |
| noble | needs-triage | |
| plucky | needs-triage | |
| questing | needs-triage | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 8u462-ga~us1-0ubuntu1 |
| esm-apps/bionic | released | 8u462-ga~us1-0ubuntu2~18.04.2 |
| esm-apps/focal | released | 8u462-ga~us1-0ubuntu2~20.04.2 |
| esm-apps/jammy | released | 8u462-ga~us1-0ubuntu2~22.04.2 |
| esm-apps/noble | released | 8u462-ga~us1-0ubuntu2~24.04.2 |
| esm-infra/xenial | released | 8u462-ga~us1-0ubuntu2~16.04.2 |
| jammy | released | 8u462-ga~us1-0ubuntu2~22.04.2 |
| noble | released | 8u462-ga~us1-0ubuntu2~24.04.2 |
| plucky | released | 8u462-ga~us1-0ubuntu2~25.04.2 |
| questing | released | 8u462-ga~us1-0ubuntu1 |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | DNE | |
| esm-apps/xenial | ignored | no longer supported by upstream |
| jammy | DNE | |
| noble | DNE | |
| plucky | DNE | |
| questing | DNE | |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
| Π Π΅Π»ΠΈΠ· | Π‘ΡΠ°ΡΡΡ | ΠΡΠΈΠΌΠ΅ΡΠ°Π½ΠΈΠ΅ |
|---|---|---|
| devel | released | 11.0.28+6-1ubuntu1 |
| esm-apps/noble | released | 11.0.28+6-1ubuntu1~24.04.1 |
| esm-infra/bionic | released | 11.0.28+6-1ubuntu1~18.04.1 |
| esm-infra/focal | released | 11.0.28+6-1ubuntu1~20.04.1 |
| jammy | released | 11.0.28+6-1ubuntu1~22.04.1 |
| noble | needed | |
| plucky | released | 11.0.28+6-1ubuntu1~25.04.1 |
| questing | released | 11.0.28+6-1ubuntu1 |
| upstream | needs-triage |
ΠΠΎΠΊΠ°Π·ΡΠ²Π°ΡΡ ΠΏΠΎ
Π‘ΡΡΠ»ΠΊΠΈ Π½Π° ΠΈΡΡΠΎΡΠ½ΠΈΠΊΠΈ
EPSS
8.1 High
CVSS3
Π‘Π²ΡΠ·Π°Π½Π½ΡΠ΅ ΡΡΠ·Π²ΠΈΠΌΠΎΡΡΠΈ
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java d...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java depl
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: 2D). Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf, 11.0.27, 17.0.15, 21.0.7, 24.0.1; Oracle GraalVM for JDK: 17.0.15, 21.0.7 and 24.0.1; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in takeover of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java d...
Π£ΡΠ·Π²ΠΈΠΌΠΎΡΡΡ ΠΊΠΎΠΌΠΏΠΎΠ½Π΅Π½ΡΠ° 2D ΠΏΡΠΎΠ³ΡΠ°ΠΌΠΌΠ½ΠΎΠΉ ΠΏΠ»Π°ΡΡΠΎΡΠΌΡ Oracle Java SE ΠΈ Π²ΠΈΡΡΡΠ°Π»ΡΠ½ΡΡ ΠΌΠ°ΡΠΈΠ½ Oracle GraalVM for JDK ΠΈ Oracle GraalVM Enterprise Edition, ΠΏΠΎΠ·Π²ΠΎΠ»ΡΡΡΠ°Ρ Π½Π°ΡΡΡΠΈΡΠ΅Π»Ρ ΠΎΠΊΠ°Π·Π°ΡΡ Π²ΠΎΠ·Π΄Π΅ΠΉΡΡΠ²ΠΈΠ΅ Π½Π° ΠΊΠΎΠ½ΡΠΈΠ΄Π΅Π½ΡΠΈΠ°Π»ΡΠ½ΠΎΡΡΡ, ΡΠ΅Π»ΠΎΡΡΠ½ΠΎΡΡΡ ΠΈ Π΄ΠΎΡΡΡΠΏΠ½ΠΎΡΡΡ Π·Π°ΡΠΈΡΠ°Π΅ΠΌΠΎΠΉ ΠΈΠ½ΡΠΎΡΠΌΠ°ΡΠΈΠΈ
EPSS
8.1 High
CVSS3