Multiple vulnerabilities in Oracle Java SE and GraalVM

Description

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to execute arbitrary code, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Hotspot can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Concurrency can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in 2D can be exploited remotely to execute arbitrary code.

Original advisories

• Oracle Critical Patch Update Advisory – July 2024

Related products

• Oracle-Java-JRE-1.8.x

CVE list

• CVE-2024-21147
  high
• CVE-2024-21138
  warning
• CVE-2024-21131
  warning
• CVE-2024-21144
  warning
• CVE-2024-21140
  warning
• CVE-2024-21145
  warning

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com