Multiple vulnerabilities in Oracle Java

Descripción

Multiple vulnerabilities were found in Oracle Java. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, cause denial of service.

Below is a complete list of vulnerabilities:

1. Information disclosure vulnerability in JSSE can be exploited to obtain sensitive information.
2. Arbitrary code execution vulnerability in JavaFX (gstreamer) can be exploited to execute arbitrary code.
3. Memory corruption vulnerability in JavaFX (WebKitGTK) can be exploited via special crafted web content to cause denial of service.
4. Information disclosure vulnerability in Compiler can be exploited remotely to obtain sensitive information.
5. Information disclosure vulnerability in 2D can be exploited remotely to obtain sensitive information.

Notas informativas originales

• Oracle Critical Patch Update Advisory – April 2025

Productos relacionados

• Oracle-Java-JRE-1.8.x

Lista CVE

• CVE-2024-47606
  critical
• CVE-2024-54534
  critical
• CVE-2025-21587
  high
• CVE-2025-30691
  warning
• CVE-2025-30698
  high

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com