CLSA-2025-1752246531

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1752246531
Upstream
Published
2025-07-11T15:08:55Z
Modified
2026-05-27T11:32:54.992937431Z
Summary
java-11-openjdk: Fix of 13 CVEs
Details
  • Upgrade to openjdk-11.0.27+6. The following CVEs were fixed:
  • CVE-2025-30698: fix buffered image handling to avoid unauthorized access to accessible data
  • CVE-2025-30691: improve compiler transformations to avoid unauthorized access to accessible data
  • CVE-2024-21144: invalid header validation leads to Pack200 excessive loading time
  • CVE-2024-21147: out-of-bounds array index in range check elimination
  • CVE-2024-21138: infinite loop vunlerability in SymbolTable
  • CVE-2024-21131: UTF8 size overflow
  • CVE-2024-21235: incorrect range check because of integer conversion error in LoopNode
  • CVE-2024-21140: int overflow/underflow in range check elimination
  • CVE-2024-21217: out-of-memory because of unbounded allocation in MessageFormat
  • CVE-2024-21210: integer overflow in array indexing in SuperWord
  • CVE-2024-21145: out-of-bounds access in MaskFill
  • CVE-2024-21208: improper handling of maxHeaderSize in HTTP client
  • CVE-2025-21502: enhance array handling
References

Affected packages

TuxCare:AlmaLinux:9.2
java-11-openjdk

Package

Name
java-11-openjdk
Purl
pkg:rpm/tuxcare/java-11-openjdk?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-demo

Package

Name
java-11-openjdk-demo
Purl
pkg:rpm/tuxcare/java-11-openjdk-demo?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-devel

Package

Name
java-11-openjdk-devel
Purl
pkg:rpm/tuxcare/java-11-openjdk-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-headless

Package

Name
java-11-openjdk-headless
Purl
pkg:rpm/tuxcare/java-11-openjdk-headless?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-javadoc

Package

Name
java-11-openjdk-javadoc
Purl
pkg:rpm/tuxcare/java-11-openjdk-javadoc?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-javadoc-zip

Package

Name
java-11-openjdk-javadoc-zip
Purl
pkg:rpm/tuxcare/java-11-openjdk-javadoc-zip?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-jmods

Package

Name
java-11-openjdk-jmods
Purl
pkg:rpm/tuxcare/java-11-openjdk-jmods?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-src

Package

Name
java-11-openjdk-src
Purl
pkg:rpm/tuxcare/java-11-openjdk-src?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"
java-11-openjdk-static-libs

Package

Name
java-11-openjdk-static-libs
Purl
pkg:rpm/tuxcare/java-11-openjdk-static-libs?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:11.0.27.0.6-1.el9.tuxcare.els1

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1752246531.json"