INFSA-2025:10867: java-17-openjdk security update
Information about definition
Identificator: INFSA-2025:10867
Type: security
Release date: 2025-07-25 10:53:14 UTC
Information about package
The java-17-openjdk packages provide the OpenJDK 17 Java Runtime Environment and the OpenJDK 17 Java Software Development Kit.
Vulnerabilities description
- CVE-2025-30749
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability.
- CVE-2025-30754
An unspecified vulnerability in Oracle Java SE related to the JSSE component could allow a remote attacker to cause low confidentiality impact and low integrity impact.
- CVE-2025-50059
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the Networking component could allow a remote attacker to cause high confidentiality impact.
- CVE-2025-50106
An unspecified vulnerability in Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition related to the 2D component could allow a remote attacker to cause high confidentiality impact and high integrity impact and high availability.
Severity level
| CVE | Score CVSS 2.0 | Score CVSS 3.x | Score CVSS 4.0 |
|---|---|---|---|
|
NIST — CVE-2025-30749
|
no information | 8.1 | no information |
|
NIST — CVE-2025-30754
|
no information | 4.8 | no information |
|
NIST — CVE-2025-50059
|
no information | 8.6 | no information |
|
NIST — CVE-2025-50106
|
no information | 8.1 | no information |
Updated packages