Alerts This Week
Warning Icon 1 714
Alerts This Week
Warning Icon 1 714

SUSE: java-1_8_0-ibm Important Network Access Issues 2025:03262-1

suse
Calendar Grey September 18, 2025
Dist Suse Esm H88
An essential security patch for java-1_8_0-ibm tackles various concerns affecting network security flaws in SUSE.
* bsc#1246575 * bsc#1246580 * bsc#1246584 * bsc#1246595 * bsc#1246598

Summary

## This update for java-1_8_0-ibm fixes the following issues: Update to Java 8.0 Service Refresh 8 Fix Pack 50. Security issues fixed: * Oracle July 15 2025 CPU (bsc#1247754). * CVE-2025-30749: heap corruption allows unauthenticated attacker with network access to compromise and takeover Java applications that load and run untrusted code (bsc#1246595). * CVE-2025-30754: incomplete handshake allows unauthenticated attacker with network access via TLS to gain unauthorized update, insert, delete and read access to sensitive data (bsc#1246598). * CVE-2025-30761: issue in the Scripting component allows unauthenticated attacker with network access to gain unauthorized creation, deletion or modification access to critical data (bsc#1246580).

Topics%20covered

Topics Covered

security advisory SuSE important network access java-1_8_0-ibm unauthenticated

References

* bsc#1246575

* bsc#1246580

* bsc#1246584

* bsc#1246595

* bsc#1246598

* bsc#1247754

Cross-

* CVE-2025-30749

* CVE-2025-30754

* CVE-2025-30761

* CVE-2025-50059

* CVE-2025-50106

CVSS scores:

* CVE-2025-30749 ( SUSE ): 8.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:H/SC:N/SI:N/SA:N

* CVE-2025-30749 ( SUSE ): 7.0 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:H

* CVE-2025-30749 ( NVD ): 8.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

* CVE-2025-30754 ( SUSE ): 6.3

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N

* CVE-2025-30754 ( SUSE ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

* CVE-2025-30754 ( NVD ): 4.8 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N

* CVE-2025-30761 ( SUSE ): 5.9 CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N

Severity
important
Lowest
Low
Medium
High
Critical

Announcement ID: SUSE-SU-2025:03262-1
Release Date: 2025-09-18T06:42:36Z
Rating: important

Topics%20covered

Topics Covered

security advisory SuSE important network access java-1_8_0-ibm unauthenticated

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here