VYPR

rpm package

almalinux/java-25-openjdk-headless-fastdebug

pkg:rpm/almalinux/java-25-openjdk-headless-fastdebug

Vulnerabilities (17)

  • CVE-2026-34282HigApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalVM for JDK: 1

  • CVE-2026-34268LowApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle Gr

  • CVE-2026-22021MedApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV

  • CVE-2026-22018LowApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle G

  • CVE-2026-22016HigApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JAXP). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV

  • CVE-2026-22013MedApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JGSS). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle GraalV

  • CVE-2026-22008LowApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in Oracle Java SE (component: Libraries). The supported version that is affected is Oracle Java SE: 25.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE. Successful atta

  • CVE-2026-22007LowApr 21, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u481, 8u481-b50, 8u481-perf, 11.0.30, 17.0.18, 21.0.10, 25.0.2, 26; Oracle Gr

  • CVE-2026-33636HigMar 26, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.6.36 through 1.6.55, an out-of-bounds read and write exists in libpng's ARM/AArch64 Neon-optimized palette expansion path. Whe

  • CVE-2026-33416HigMar 26, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. In versions 1.2.1 through 1.6.55, `png_set_tRNS` and `png_set_PLTE` each alias a heap-allocated buffer between `png_struct` and `png_info`,

  • CVE-2026-26740Mar 18, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    Buffer Overflow vulnerability in giflib v.5.2.2 allows a remote attacker to cause a denial of service via the EGifGCBToExtension overwriting an existing Graphic Control Extension block without validating its allocated size.

  • CVE-2026-23865MedMar 2, 2026
    affected < 1:25.0.3.0.9-1.el10_2fixed 1:25.0.3.0.9-1.el10_2

    An integer overflow in the tt_var_load_item_variation_store function of the Freetype library in versions 2.13.2 and 2.13.3 may allow for an out of bounds read operation when parsing HVAR/VVAR/MVAR tables in OpenType variable fonts. This issue is fixed in version 2.14.2.

  • CVE-2026-21945HigJan 20, 2026
    affected < 1:25.0.2.0.10-1.el10fixed 1:25.0.2.0.10-1.el10

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM

  • CVE-2026-21933MedJan 20, 2026
    affected < 1:25.0.2.0.10-1.el10fixed 1:25.0.2.0.10-1.el10

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle Graal

  • CVE-2026-21925MedJan 20, 2026
    affected < 1:25.0.2.0.10-1.el10fixed 1:25.0.2.0.10-1.el10

    Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: RMI). Supported versions that are affected are Oracle Java SE: 8u471, 8u471-b50, 8u471-perf, 11.0.29, 17.0.17, 21.0.9, 25.0.1; Oracle GraalVM for

  • CVE-2025-65018Nov 24, 2025
    affected < 1:25.0.2.0.10-1.el10fixed 1:25.0.2.0.10-1.el10

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, there is a heap buffer overflow vulnerability in the libpng simplified API function png_image_finish_re

  • CVE-2025-64720Nov 24, 2025
    affected < 1:25.0.2.0.10-1.el10fixed 1:25.0.2.0.10-1.el10

    LIBPNG is a reference library for use in applications that read, create, and manipulate PNG (Portable Network Graphics) raster image files. From version 1.6.0 to before 1.6.51, an out-of-bounds read vulnerability exists in png_image_read_composite when processing palette images w