Alicja Kario discovered that the JSSE component of CRaC JDK 17 incorrectly handled RSA padding. An attacker could possibly use this issue to obtain sensitive information. (CVE-2025-21587)
It was discovered that the Compiler component of CRaC JDK 17 incorrectly handled compiler transformations. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30691)
It was discovered that the 2D component of CRaC JDK 17 did not properly manage memory under certain circumstances. An attacker could possibly use this issue to cause a denial of service or execute arbitrary code. (CVE-2025-30698)
In addition to security fixes, the updated packages contain bug fixes, new features, and possibly incompatible changes.
Please see the following link for more information: https://openjdk.org/groups/vulnerability/advisories/2025-04-15
{
  "binaries": [
    { "binary_name": "openjdk-17-crac-dbg", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-demo", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-doc", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-jdk", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-jdk-headless", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-jre", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-jre-headless", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-jre-zero", "binary_version": "17.0.15+6-0ubuntu1~25.04" },
    { "binary_name": "openjdk-17-crac-source", "binary_version": "17.0.15+6-0ubuntu1~25.04" }
  ],
  "availability": "No subscription required"
}