CLSA-2025-1767028399

See a problem?

Import Source

https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json

JSON Data

https://api.osv.dev/v1/vulns/CLSA-2025-1767028399

Upstream

CVE-2023-48161

CVE-2024-21147

CVE-2025-21587

CVE-2025-53057

CVE-2025-53066

Published

2025-12-29T17:13:22Z

Modified

2026-06-01T00:33:00.614990836Z

Summary

java-11-openjdk: Fix of 5 CVEs

Details

Upgrade to openjdk-11.0.29+7 (GA). The following CVEs were fixed:
CVE-2023-48161: fix buffer overflow vulnerability
CVE-2024-21147: RangeCheckElimination array index overflow
CVE-2025-21587: fix TLS connection support to avoid unauthorized access to critical data
CVE-2025-53057: enhance certificate handling to prevent unauthorized creation
CVE-2025-53066: enhance Path Factories to prevent unauthorized access

References

https://errata.tuxcare.com/els_os/centos-stream8els/CLSA-2025-1767028399.html

Affected packages

TuxCare:CentOS-Stream:8

java-11-openjdk

Package

Name: java-11-openjdk
Purl: pkg:rpm/tuxcare/java-11-openjdk?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-demo

Package

Name: java-11-openjdk-demo
Purl: pkg:rpm/tuxcare/java-11-openjdk-demo?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-devel

Package

Name: java-11-openjdk-devel
Purl: pkg:rpm/tuxcare/java-11-openjdk-devel?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-headless

Package

Name: java-11-openjdk-headless
Purl: pkg:rpm/tuxcare/java-11-openjdk-headless?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-javadoc

Package

Name: java-11-openjdk-javadoc
Purl: pkg:rpm/tuxcare/java-11-openjdk-javadoc?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-javadoc-zip

Package

Name: java-11-openjdk-javadoc-zip
Purl: pkg:rpm/tuxcare/java-11-openjdk-javadoc-zip?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-jmods

Package

Name: java-11-openjdk-jmods
Purl: pkg:rpm/tuxcare/java-11-openjdk-jmods?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-src

Package

Name: java-11-openjdk-src
Purl: pkg:rpm/tuxcare/java-11-openjdk-src?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"

java-11-openjdk-static-libs

Package

Name: java-11-openjdk-static-libs
Purl: pkg:rpm/tuxcare/java-11-openjdk-static-libs?distro=centos-stream-8

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

1:11.0.29.0.7-1.el8.tuxcare.els1

Database specific

source

"https://github.com/cloudlinux/tuxcare-osv/tree/main/data/els_os/centos-stream8els/CLSA-2025-1767028399.json"