Critical Vulnerability Information

Vulnerability Details

CVE-2025-21587
- Description: An unspecified vulnerability in the Server: DDL component of Java SE, allowing remote attackers to cause high confidentiality and high integrity impact.
- CWE: CWE-284: Improper Access Control
- CVSS Score: 7.4

CVE-2025-30698
- Description: An unspecified vulnerability in the 2D component of Java SE, allowing remote attackers to cause low confidentiality, low integrity, and low availability impact.
- CWE: CWE-284: Improper Access Control
- CVSS Score: 5.6

CVE-2025-2900
- Description: IBM Semeru Runtime versions 8.0.302.0 to 8.0.442.0, 11.0.12.0 to 11.0.26.0, 17.0.0.0 to 17.0.14.0, and 21.0.0.0 to 21.0.6.0 are vulnerable to buffer overflow and subsequent crashes due to a flaw in their native AES/CBC encryption implementation.
- CWE: CWE-122: Heap-based Buffer Overflow
- CVSS Score: 7.5

CVE-2025-4447
- Description: In Eclipse OpenJ9 versions 0.51 and earlier, when using OpenJDK version 8, a stack-based buffer overflow occurs due to modification of files read from disk.
- CWE: CWE-121: Stack-based Buffer Overflow
- CVSS Score: 7

Affected Products and Versions

Fixes/Patches
- Versions: 8.0.452.0, 11.0.27.0, 17.0.15.0, 21.0.7.0
- Download Links: GitHub repositories Semeru 8, Semeru 11, Semeru 17, Semeru 21 and IBM Semeru Developer Center.

APAR Numbers
- I354637 (CVE-2025-21587)
- I354637 (CVE-2025-30698)
- I354115 (CVE-2025-2900)
- I354709 (CVE-2025-4447)

Workarounds and Mitigations
- None

References
- Complete CVSS v3 Guide
- Online Calculator v3

Related Information
- IBM Security Engineering Web Portal
- IBM Product Security Incident Response Blog
- OpenJDK April 2025 Vulnerability Advisory
- IBM Semeru Runtimes Security Vulnerabilities
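
A version triage for the CVE-2025-2900 ranges and the fixed versions stated in this bulletin, as an added example that is not part of the original bulletin or of IBM's tooling. It assumes runtime versions are recorded in the bulletin's four-field form; the host names and the `parse`, `assess` and `triage` helpers are hypothetical.

```python
import re

# Inclusive affected ranges for CVE-2025-2900, copied from the bulletin text.
AFFECTED = {
    8: ("8.0.302.0", "8.0.442.0"),
    11: ("11.0.12.0", "11.0.26.0"),
    17: ("17.0.0.0", "17.0.14.0"),
    21: ("21.0.0.0", "21.0.6.0"),
}
# Fixed versions listed under Fixes/Patches.
FIXED = {8: "8.0.452.0", 11: "11.0.27.0", 17: "17.0.15.0", 21: "21.0.7.0"}

def parse(version):
    """Turn '17.0.14.0' into (17, 0, 14, 0); reject any other shape."""
    text = version.strip()
    if not re.fullmatch(r"[0-9]+(?:\.[0-9]+){3}", text):
        raise ValueError(f"expected four numeric fields, got {version!r}")
    return tuple(int(p) for p in text.split("."))

def assess(version):
    """Return (status, fixed_version) for one runtime version string."""
    v = parse(version)
    major = v[0]
    if major not in AFFECTED:
        return ("not-covered", None)  # release line not named in the bulletin
    low, high = (parse(x) for x in AFFECTED[major])
    if low <= v <= high:
        return ("affected", FIXED[major])
    if v >= parse(FIXED[major]):
        return ("fixed", FIXED[major])
    return ("unlisted", FIXED[major])  # outside the range and below the fix

def triage(inventory):
    """Map host -> (version, status, fixed_version); flag bad strings."""
    report = {}
    for host, version in inventory.items():
        try:
            report[host] = (version, *assess(version))
        except ValueError:
            report[host] = (version, "unparseable", None)
    return report

# Constructed sample inventory (hypothetical hosts, not from the bulletin).
SAMPLE = {"app01": "17.0.14.0", "app02": "21.0.7.0",
          "batch01": "8.0.292.0", "legacy": "1.8.0_442"}

if __name__ == "__main__":
    for host, row in triage(SAMPLE).items():
        print(host, *row)
```

A status of `unlisted` means the version is below the fixed release but outside the range the bulletin gives for CVE-2025-2900, so it needs manual review rather than being treated as safe.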