Oracle Java SE 8u5 fixes an unspecified vulnerability in the JavaFX component (CVE-2014-2410). Upstream has CVSSv2 scored this issue as: 9.3/AV:N/AC:M/Au:N/C:C/I:C/A:C External Reference: http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html#AppendixJAVA
There are two other issues fixed via Oracle Critical Patch Update Advisory - April 2014 that only affected Oracle Java SE 8 and not previous versions: CVE-2014-0463 Scripting 4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N CVE-2014-0464 Scripting 4.3/AV:N/AC:M/Au:N/C:P/I:N/A:N Oracle Java SE 8 is not currently shipped as part of any Red Hat product.