CLSA-2025-1753799434

See a problem?
Import Source
https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json
JSON Data
https://api.test.osv.dev/v1/vulns/CLSA-2025-1753799434
Upstream
Published
2025-07-29T14:30:38Z
Modified
2026-05-27T11:36:13.892584313Z
Summary
java-1.8.0-openjdk: Fix of 19 CVEs
Details
  • Security fixes from OpenJDK 8u452-b09:
    • CVE-2025-21587: JSSE issue allowing remote access or modification of sensitive data
    • CVE-2025-30698: allows limited data access and partial DoS via untrusted Java code
    • CVE-2025-30691: allows limited data access via untrusted code using compiler APIs
  • Security fixes from OpenJDK 8u442-b06:
    • CVE-2025-21502: hotspot vulnerability enabling limited data access java clients
  • Security fixes from OpenJDK 8u432-b06:
    • CVE-2024-21235: sandbox bypass in java clients via exposed APIs
    • CVE-2024-21208: network flaw in sandboxed java clients enabling limited DoS
    • CVE-2024-21210: enabling data modification in sandboxed clients via crafted API input
    • CVE-2024-21217: serialization flaw may trigger partial DoS in sandboxed environments
  • Security fixes from OpenJDK 8u422-b05:
    • CVE-2024-21147: hotspot issue may lead to unauthorized access of sensitive data
    • CVE-2024-21145: enable limited unauthorized data access via untrusted java code
    • CVE-2024-21140: expose limited data to unauthorized read/write via sandboxed java code
    • CVE-2024-21144: allow remote unauthenticated attacker to cause partial DoS
    • CVE-2024-21131: remote access via API may lead to limited data modification
    • CVE-2024-21138: remote API calls may trigger partial DoS in sandboxed java environments
  • Security fixes from OpenJDK 8u412-b08:
    • CVE-2024-21094: lead to unauthorized data changes in sandboxed java apps
    • CVE-2024-21085: concurrency flaw may cause partial DoS in sandboxed java environments
    • CVE-2024-21011: hotspot issue may trigger partial DoS in sandboxed java environments
    • CVE-2024-21068: lead to limited unauthorized data modification in sandboxed deployments
    • CVE-2024-21012: networking issue may allow limited data modification
References

Affected packages

TuxCare:AlmaLinux:9.2
java-1.8.0-openjdk

Package

Name
java-1.8.0-openjdk
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-demo

Package

Name
java-1.8.0-openjdk-demo
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-demo-fastdebug

Package

Name
java-1.8.0-openjdk-demo-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-fastdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-demo-slowdebug

Package

Name
java-1.8.0-openjdk-demo-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-demo-slowdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-devel

Package

Name
java-1.8.0-openjdk-devel
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-devel-fastdebug

Package

Name
java-1.8.0-openjdk-devel-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-fastdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-devel-slowdebug

Package

Name
java-1.8.0-openjdk-devel-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-devel-slowdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-fastdebug

Package

Name
java-1.8.0-openjdk-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-fastdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-headless

Package

Name
java-1.8.0-openjdk-headless
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-headless-fastdebug

Package

Name
java-1.8.0-openjdk-headless-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-fastdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-headless-slowdebug

Package

Name
java-1.8.0-openjdk-headless-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-headless-slowdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-javadoc

Package

Name
java-1.8.0-openjdk-javadoc
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-javadoc-zip

Package

Name
java-1.8.0-openjdk-javadoc-zip
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-javadoc-zip?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-slowdebug

Package

Name
java-1.8.0-openjdk-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-slowdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-src

Package

Name
java-1.8.0-openjdk-src
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-src-fastdebug

Package

Name
java-1.8.0-openjdk-src-fastdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src-fastdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"
java-1.8.0-openjdk-src-slowdebug

Package

Name
java-1.8.0-openjdk-src-slowdebug
Purl
pkg:rpm/tuxcare/java-1.8.0-openjdk-src-slowdebug?distro=almalinux-9.2

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
1:1.8.0.452.b09-3.tuxcare.els1.el9

Database specific

source 
"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/almalinux9.2esu/CLSA-2025-1753799434.json"