[Git][security-tracker-team/security-tracker][master] new java issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jul 16 08:29:22 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6965ca59 by Moritz Muehlenhoff at 2025-07-16T09:21:40+02:00
new java issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,6 @@
+CVE-2025-30761
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
 CVE-2025-7667 (The Restrict File Access plugin for WordPress is vulnerable to Cross-S ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-7657 (Use after free in WebRTC in Google Chrome prior to 138.0.7204.157 allo ...)
@@ -84,7 +87,11 @@ CVE-2025-50108 (Vulnerability in the Oracle Hyperion Financial Reporting product
 CVE-2025-50107 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50106 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	- openjdk-24 <unfixed>
 CVE-2025-50105 (Vulnerability in the Oracle Universal Work Queue product of Oracle E-B ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50104 (Vulnerability in the MySQL Server product of Oracle MySQL (component:  ...)
@@ -162,11 +169,11 @@ CVE-2025-50067 (Vulnerability in Oracle Application Express (component: Strategi
 CVE-2025-50066 (Vulnerability in the Oracle Database Materialized View component of Or ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50065 (Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE  ...)
-	TODO: check
+	NOT-FOR-US: Oracle
 CVE-2025-50064 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50063 (Vulnerability in Oracle Java SE (component: Install).  Supported versi ...)
-	TODO: check
+	- openjdk-8 <not-affected> (Specific to installer, not applicable to debs)
 CVE-2025-50062 (Vulnerability in the PeopleSoft Enterprise HCM Global Payroll Core pro ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50061 (Vulnerability in the Primavera P6 Enterprise Project Portfolio Managem ...)
@@ -174,7 +181,11 @@ CVE-2025-50061 (Vulnerability in the Primavera P6 Enterprise Project Portfolio M
 CVE-2025-50060 (Vulnerability in the Oracle BI Publisher product of Oracle Analytics ( ...)
 	NOT-FOR-US: Oracle
 CVE-2025-50059 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	- openjdk-24 <unfixed>
 CVE-2025-4369 (The Companion Auto Update plugin for WordPress is vulnerable to Stored ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-49830 (Conjur provides secrets management and application identity for infras ...)
@@ -236,17 +247,25 @@ CVE-2025-30758 (Vulnerability in the Siebel CRM End User product of Oracle Siebe
 CVE-2025-30756 (Vulnerability in Oracle REST Data Services (component: General).   The ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30754 (Vulnerability in Oracle Java SE (component: JSSE).  Supported versions ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	- openjdk-24 <unfixed>
 CVE-2025-30753 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30752 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK product of ...)
-	TODO: check
+	- openjdk-24 <unfixed>
 CVE-2025-30751 (Vulnerability in the Oracle Database component of Oracle Database Serv ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30750 (Vulnerability in the Unified Audit component of Oracle Database Server ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30749 (Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle Gr ...)
-	TODO: check
+	- openjdk-8 <unfixed>
+	- openjdk-11 <unfixed>
+	- openjdk-17 <unfixed>
+	- openjdk-21 <unfixed>
+	- openjdk-24 <unfixed>
 CVE-2025-30748 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)
 	NOT-FOR-US: Oracle
 CVE-2025-30747 (Vulnerability in the PeopleSoft Enterprise PeopleTools product of Orac ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6965ca59d68f3105489df4bf9fddba6a1de4bdba

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6965ca59d68f3105489df4bf9fddba6a1de4bdba
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250716/7f504407/attachment.htm>

More information about the debian-security-tracker-commits mailing list