In the July update, Oracle disclosed a total of 386 vulnerabilities. Some of the key problems identified include:
- 6 safety problems in Java SE and 7 vulnerabilities in GraalVM. The vulnerabilities in Java SE can be exploited remotely without authentication and affect environments that run untrusted code. The most critical vulnerabilities in Java SE and GraalVM have a severity level of 7.4 and 8.2 respectively out of 10. These vulnerabilities have been addressed in the releases of Java SE 22.0.2, 21.0.4, 0.122, 11.0.24, 8U421.
- 22 vulnerabilities in the MySQL server, which can only be exploited locally. The most critical vulnerabilities have a severity level of 6.5 and are related to issues in the optimizer. Less severe vulnerabilities affect various components within MySQL. Fixes for these vulnerabilities are included in the releases of MySQL Community 9.0, 8.4.1, and 8.0.38.
- 3 vulnerabilities in VirtualBox, with one being marked as highly dangerous with a severity level of 8.2 out of 10. Though specific details about these vulnerabilities have not been disclosed, the severity level indicates potential for host-control access from guest systems. The vulnerabilities have been patched in VirtualBox update 7.0.20.
- 1 vulnerability in Solaris affecting the file system with a severity level of 3.3 out of 10. This vulnerability has been addressed in the update.
/Reports, release notes, official announcements.