We are using Rapid 7 for Vulnerability scanning in our environment, and we are seeing a lot of "Vulnerability in the Oracle Java SE Hotspot component" vulns pop up pointing to some jar files inside Jetbrains apps/folders. The listed resolution is to update "Azul Zulu" and links to an Azul JDK page.
None of our users have installed the Azul OpenJDK, and I don't think I can update the .jar files inside the .app.
Has anyone else seen these vulnerabilities and know how to approach this?
