It was discovered that the Hotspot component of OpenJDK 21 incorrectly
handled certain exceptions with specially crafted long messages. An
attacker could possibly use this issue to cause a denial of service.
(CVE-2024-21011)
It was discovered that OpenJDK 21 incorrectly performed reverse DNS
query under certain circumstances in the Networking/HTTP client
component. An attacker could possibly use this issue to obtain sensitive
information. (CVE-2024-21012)
Vladimir Kondratyev discovered that the Hotspot component of OpenJDK 21
incorrectly handled address offset calculations in the C1 compiler. An
attacker could possibly use this issue to cause a denial of service
or execute arbitrary code. (CVE-2024-21068)
It was discovered that the Hotspot component of OpenJDK 21 incorrectly
handled array accesses in the C2 compiler. An attacker could possibly use
this issue to cause a denial of service or execute arbitrary code.
(CVE-2024-21094)