This page collects WhisperX intelligence signals tagged #OpenJDK. It is designed for humans, search engines, and AI agents: each item links to a canonical source-backed record with sector, source, timestamp, credibility, and exportable structured data.
Red Hat Enterprise Linux 9 (RHEL 9) 中捆绑的 `java-17-openjdk-headless` 软件包存在一个高危安全漏洞,其根源在于集成了存在缺陷的 libpng 库。该漏洞(CVE-2025-65018)是一个堆缓冲区溢出漏洞,位于 libpng 简化 API 函数 `png_image_finish_read` 中。攻击者通过精心构造的交错式 PNG 图像文件,可在处理 16 位交错 PNG 并转换为 8 位输出格式时,触发超出已分配缓冲区边界的堆写入操作。这为远程代码执行打开了大门。 该漏洞影响 libpng 1.6.0 至 1.6.50 版本。Red Hat 已通过安全公告 RHS...
A critical out-of-bounds read vulnerability has been identified within the `java-17-openjdk-headless` package for Red Hat Enterprise Linux 9. The flaw, tracked as SNYK-RHEL9-JAVA17OPENJDKHEADLESS-14136452, stems from a defect in the upstream LIBPNG library, a core component for processing PNG image files. This vulnerab...