Azul Vulnerability in Jetbrains apps

hcgtexas
New Contributor III

We are using Rapid 7 for Vulnerability scanning in our environment, and we are seeing a lot of "Vulnerability in the Oracle Java SE Hotspot component" vulns pop up pointing to some jar files inside Jetbrains apps/folders.  The listed resolution is to update "Azul Zulu" and links to an Azul JDK page.

 

None of our users have installed the Azul OpenJDK, and I don't think I can update the .jar files inside the .app.

 

Has anyone else seen these vulnerabilities and know how to approach this?

1 REPLY 1

ali_fadavinia
New Contributor III

Same vulnerability/issue reported by Rapid7 here. Have you been able to find a solution or determine the source of the issue?