Available Security Updates
Browse and install the latest security patches for Java SE Runtime Environments.
Addresses a critical vulnerability in the HotSpot VM that allows remote attackers to execute arbitrary code via a crafted serialized object. Immediate installation is strongly recommended for all production environments.
Resolves an unsafe deserialization vulnerability in the Java Naming and Directory Interface (JNDI) that could allow an attacker to achieve remote code execution through LDAP/RMI lookup injection.
Fixes a flaw in the JSSE TLS implementation where certificate chain validation can be bypassed under specific conditions involving intermediate CA certificates with path length constraints.
Addresses a vulnerability in the built-in XML parser where recursive entity expansion can cause excessive memory consumption, leading to denial-of-service conditions on affected systems.
Corrects an access control issue in JMX Remote where certain MBean operations could be invoked without proper authentication when specific JMX connector configurations are used.
Patches a vulnerability in the Java GSS/Kerberos implementation where an attacker with network access could forge Kerberos service tickets, potentially gaining unauthorized access to protected resources.
Addresses a critical sandbox escape vulnerability allowing untrusted code to break out of the Java Security Manager restrictions and execute arbitrary system commands with the privileges of the JVM process.
Fixes a weakness in the SecureRandom implementation on certain platforms where insufficient entropy during key generation could result in predictable cryptographic keys.