Class based , object oriented programming language. Designed to have less dependencies as possible. The syntex of Java is smilier to C and C++. Commonly used for client-server applications. Java files are compiled by JVM (Java Virtual Machine)

Java

### Description of Vulnerability:
An issue in AWS Wrappers for Amazon Aurora PostgreSQL may allow for privilege escalation to rds_superuser role. A low privilege authenticated user can create a crafted function that could be executed with permissions of other Amazon Relational Database Service (RDS) users.
AWS recommends for customers to upgrade to the following versions: AWS JDBC Wrapper to v2.6.5 or greater.
### Source of Vulnerability Report: 
Allistair Ishmael Hakim [allistair.hakim@gmail.com](mailto:allistair.hakim@gmail.com)
### Affected products & versions: 
AWS JDBC Wrapper < 2.6.5
### Platforms: 
MacOS/Windows/Linux

CVE ID	Severity	Score	Technologies	Component name	CISA KEV exploit	Has fix	Published date
CVE-2025-64099	HIGH	8.1	Java	org.openidentityplatform.openam:openam-oauth2	No	Yes	Nov 12, 2025
GHSA-7xw4-g7mm-r4hh	HIGH	8	Java	software.amazon.jdbc:aws-advanced-jdbc-wrapper	No	Yes	Nov 13, 2025
CVE-2025-64518	HIGH	7.5	Java	org.cyclonedx:cyclonedx-core-java	No	Yes	Nov 10, 2025
CVE-2025-11538	MEDIUM	6.8	Java	keycloak	No	Yes	Nov 13, 2025
CVE-2025-10713	MEDIUM	6.5	Java	org.wso2.carbon.mediation:org.wso2.carbon.localentry	No	Yes	Nov 05, 2025

GHSA-7xw4-g7mm-r4hh:
Java vulnerability analysis and mitigation

Description of Vulnerability:

Source of Vulnerability Report:

Affected products & versions:

Platforms:

8

Related Java vulnerabilities:

Benchmark your Cloud Security Posture

Additional Wiz resources

Cloud Vulnerability DB

Cloud Threat Landscape

PEACH

Ready to see Wiz in action?

GHSA-7xw4-g7mm-r4hh: Java vulnerability analysis and mitigation