Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

Jenkins is an open-source continuous integration tool written in Java. Jenkins provides continuous integration services for software development. It is a server-based system running in a servlet container such as Apache Tomcat. It supports SCM tools including AccuRev, CVS, Subversion, Git, Mercurial, Perforce, ClearCase, and RTC, and can execute Apache Ant and Apache Maven-based projects as well as arbitrary shell scripts and Windows batch commands.

Jenkins

Jetty is a Java HTTP (Web) server and Java Servlet container. While web servers are usually associated with serving documents to people, Jetty is now often used for machine-to-machine communications, usually within larger software frameworks. Jetty is developed as a free and open-source project as part of the Eclipse Foundation.

Jetty

Solr is an enterprise-search platform. Its major features include full-text search, hit highlighting, faceted search, real-time indexing, dynamic clustering, database integration, NoSQL features, and rich document handling.

Apache Solr

Confluent Platform includes the latest version of Apache Kafka, plus enterprise features. Monitor and manage data in real-time using our scalable, reliable, and flexible platform.

Confluent (Kafka)

Wolfi is a community Linux OS designed for the container and cloud-native era; it is a Linux distribution based on Alpine.

Wolfi

Chainguard is a Linux distribution based on Alpine. It's the commercial version of the Wolfi distro.

Chainguard

MinimOS is a minimalist operating system designed for simplicity and efficiency. It aims to provide only essential functionalities, making it lightweight and suitable for resource-constrained environments. MinimOS is often used in embedded systems or as a base for custom operating system development.

MinimOS

Debian GNU/Linux is a Linux distribution composed of free and open-source software.

Linux Debian

Red Hat Enterprise Linux is a Linux distribution developed by Red Hat for the commercial market.

Linux Red Hat

Echo is a secure, minimal Linux OS built vulnerability-free. It is fully compatible across environments and continuously patched - making it a clean, dependable base layer for modern applications. Echo is used by organizations focused on security and reliability, including those with compliance or FIPS requirements.

Echo

The Jetty URI parser has some key differences to other common parsers when evaluating invalid or unusual URIs. Differential parsing of URIs in systems using multiple components may result in security by-pass. For example a component that enforces a black list may interpret the URIs differently from one that generates a response. At the very least, differential parsing may divulge implementation details.

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2026-4636	HIGH	8.1	Java	keycloak-fips-26.5	No	Yes	Apr 02, 2026
GHSA-2m67-wjpj-xhg9	HIGH	7.5	Java	tools.jackson.core:jackson-core	No	No	Apr 04, 2026
CVE-2026-4634	HIGH	7.5	Java	org.keycloak:keycloak-services	No	Yes	Apr 02, 2026
CVE-2026-4282	HIGH	7.4	Java	keycloak-fips-26.5	No	Yes	Apr 02, 2026
CVE-2026-4325	MEDIUM	5.3	Java	org.keycloak:keycloak-services	No	Yes	Apr 02, 2026

CVE-2025-11143:
Java vulnerability analysis and mitigation

6.5

Related Java vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

CVE-2025-11143: Java vulnerability analysis and mitigation