In short - you find out from the vendor / look at the relevant update yourself.
It's one of thouse highly frustrating things that "File versions" may or may not be in any shape related to "release versions" which may or may not be entirely unrelated to "patch names / versions". This is down to every individual software manufacturer to either get right, or wrong. (I'm always "overjoyed" when I find that those 3 categories have entirely different & inconsistent versioning methods) .
I'd personally use the "Detected vulnerabilities" part of the inventory tree & check if they need to have JREv8u121 installed -- that should be easier & our content team would be responsible for getting the definition right.
Of course, there's always the fun of "semi broken updates", so depending on what confidence level you need, you may want to install the relevant update & verify some / all of the file versions yourself in the query?
Depends on what you're after precisely, really.
Does that help at all?