Oracle Java SE 7u151 and 8u141 fixes an unspecified vulnerability in the Deployment component (CVE-2017-10125). Upstream has CVSS scored this issue as: 7.1/CVSS:3.0/AV:P/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H External Reference: http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixJAVA
Oracle notes this is issue affects system for automatic updates: Applies to deployment of Java where the Java Auto Update is enabled. Therefore, Oracle JDK packages in Red Hat Enterprise Linux are not affected.