java-25-amazon-corretto

Direct Vulnerabilities

Known vulnerabilities in the java-25-amazon-corretto package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
H Uncontrolled Recursion	<1:25.0.3+9-1.amzn2023.1
H Use of a Broken or Risky Cryptographic Algorithm	<1:25.0.3+9-1.amzn2023.1
H Heap-based Buffer Overflow	<1:25.0.3+9-1.amzn2023.1
H Loop with Unreachable Exit Condition ('Infinite Loop')	<1:25.0.3+9-1.amzn2023.1
H XML External Entity (XXE) Injection	<1:25.0.3+9-1.amzn2023.1
H Cleartext Transmission of Sensitive Information	<1:25.0.3+9-1.amzn2023.1
H Use of a Broken or Risky Cryptographic Algorithm	<1:25.0.3+9-1.amzn2023.1
H Out-of-bounds Read	<1:25.0.3+9-1.amzn2023.1
H Improper Validation of Specified Type of Input	<1:25.0.2+10-1.amzn2023.1
H Improper Certificate Validation	<1:25.0.2+10-1.amzn2023.1
H CRLF Injection	<1:25.0.2+10-1.amzn2023.1
H Key Exchange without Entity Authentication	<1:25.0.2+10-1.amzn2023.1
M CVE-2025-53066	<1:25.0.1+8-1.amzn2023.1
M Object Model Violation: Just One of Equals and Hashcode Defined	<1:25.0.1+8-1.amzn2023.1
M Inappropriate Encoding for Output Context	<1:25.0.1+8-1.amzn2023.1