Red Hat Security Advisory: OpenJDK 11.0.28 ELS Security Update for Windows Builds
Red Hat has released an important security update for its OpenJDK 11 Extended Lifecycle Support (ELS) Windows builds, version 11. 0. 28, replacing version 11. 0. 27. This update addresses five security vulnerabilities related to glyph drawing, TLS protocol support, scripting support, and HTTP client header handling. The advisory does not provide CVSS scores but rates the update as important, indicating a high severity level. No known exploits are reported in the wild. The update includes security and bug fixes as well as enhancements and applies to multiple Red Hat OpenJDK 11 ELS versions across various architectures. Users are advised to apply this update after ensuring all previous errata are installed.
AI Analysis
Technical Summary
The Red Hat build of OpenJDK 11 (version 11.0.28) for Windows with Extended Lifecycle Support includes fixes for five security vulnerabilities: CVE-2025-30749 and CVE-2025-50106 address issues with glyph drawing; CVE-2025-30754 enhances TLS protocol support; CVE-2025-30761 improves scripting support; and CVE-2025-50059 improves HTTP client header handling. This release replaces version 11.0.27 and includes security and bug fixes as well as enhancements. The update is rated as important by Red Hat Product Security. No CVSS scores are provided in the advisory, and no known exploits in the wild have been reported. The update affects multiple Red Hat OpenJDK 11 ELS builds across different hardware architectures.
Potential Impact
The vulnerabilities fixed in this update affect the OpenJDK 11 runtime and development kit, potentially impacting applications running on Red Hat OpenJDK 11 ELS Windows builds. The issues involve graphical rendering (glyph drawing), TLS protocol handling, scripting capabilities, and HTTP client header processing, which could affect application stability, security, or data integrity. Red Hat rates the security impact as important (high severity). No known active exploitation has been reported at this time.
Mitigation Recommendations
An official security update (OpenJDK 11.0.28 ELS) is available from Red Hat and should be applied to affected systems. Users must ensure all previously released errata relevant to their systems are installed before applying this update. Detailed update instructions are available in the Red Hat advisory and documentation. No additional mitigation steps are indicated by the vendor.
Red Hat Security Advisory: OpenJDK 11.0.28 ELS Security Update for Windows Builds
Description
Red Hat has released an important security update for its OpenJDK 11 Extended Lifecycle Support (ELS) Windows builds, version 11. 0. 28, replacing version 11. 0. 27. This update addresses five security vulnerabilities related to glyph drawing, TLS protocol support, scripting support, and HTTP client header handling. The advisory does not provide CVSS scores but rates the update as important, indicating a high severity level. No known exploits are reported in the wild. The update includes security and bug fixes as well as enhancements and applies to multiple Red Hat OpenJDK 11 ELS versions across various architectures. Users are advised to apply this update after ensuring all previous errata are installed.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
The Red Hat build of OpenJDK 11 (version 11.0.28) for Windows with Extended Lifecycle Support includes fixes for five security vulnerabilities: CVE-2025-30749 and CVE-2025-50106 address issues with glyph drawing; CVE-2025-30754 enhances TLS protocol support; CVE-2025-30761 improves scripting support; and CVE-2025-50059 improves HTTP client header handling. This release replaces version 11.0.27 and includes security and bug fixes as well as enhancements. The update is rated as important by Red Hat Product Security. No CVSS scores are provided in the advisory, and no known exploits in the wild have been reported. The update affects multiple Red Hat OpenJDK 11 ELS builds across different hardware architectures.
Potential Impact
The vulnerabilities fixed in this update affect the OpenJDK 11 runtime and development kit, potentially impacting applications running on Red Hat OpenJDK 11 ELS Windows builds. The issues involve graphical rendering (glyph drawing), TLS protocol handling, scripting capabilities, and HTTP client header processing, which could affect application stability, security, or data integrity. Red Hat rates the security impact as important (high severity). No known active exploitation has been reported at this time.
Mitigation Recommendations
An official security update (OpenJDK 11.0.28 ELS) is available from Red Hat and should be applied to affected systems. Users must ensure all previously released errata relevant to their systems are installed before applying this update. Detailed update instructions are available in the Red Hat advisory and documentation. No additional mitigation steps are indicated by the vendor.
Technical Details
- Gcve Source
- db.gcve.eu
- Csaf Category
- csaf_security_advisory
- Csaf Version
- 2.0
- Publisher
- Red Hat Product Security
- Advisory Id
- RHSA-2025:10868
- Cve Count
- 5
- Additional Cves
- ["CVE-2025-30754","CVE-2025-30761","CVE-2025-50059","CVE-2025-50106"]
- Cvss Version
- null
Threat ID: 6a1f4e87e29bf47b500805f5
Added to database: 6/2/2026, 9:43:35 PM
Last enriched: 6/2/2026, 10:06:18 PM
Last updated: 6/3/2026, 4:51:07 AM
Views: 2
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.