CVE-2024-21085

NameCVE-2024-21085
DescriptionVulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition ...
SourceCVE (at NVD; CERT, ENISA, LWN, oss-sec, fulldisc, Debian ELTS, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDLA-3793-1, DSA-5671-1
Debian Bugs1069678

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openjdk-11 (PTS)bullseye11.0.24+8-2~deb11u1fixed
bullseye (security)11.0.30+7-1~deb11u1fixed
sid11.0.31+11-1fixed
openjdk-8 (PTS)sid8u482-ga-1fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openjdk-11sourcebuster11.0.23+9-1~deb10u1DLA-3793-1
openjdk-11sourcebullseye11.0.23+9-1~deb11u1DSA-5671-1
openjdk-11source(unstable)11.0.23+9-1
openjdk-8source(unstable)8u412-ga-11069678

Notes

https://openjdk.org/groups/vulnerability/advisories/2024-07-16
Search for package or bug name: Reporting problems