Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2025-50065 (GCVE-0-2025-50065)
Vulnerability from cvelistv5 – Published: 2025-07-15 19:27 – Updated: 2025-07-16 15:48
VLAI?
EPSS
Summary
Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Severity ?
CWE
- Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK.
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Oracle Corporation | Oracle GraalVM for JDK |
Affected:
24.0.1
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-50065",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-16T15:47:59.759732Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T15:48:24.975Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Oracle GraalVM for JDK",
"vendor": "Oracle Corporation",
"versions": [
{
"status": "affected",
"version": "24.0.1"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:24.0.1:*:*:*:*:*:*:*",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en-US",
"value": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK.",
"lang": "en-US"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T19:27:36.134Z",
"orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"shortName": "oracle"
},
"references": [
{
"name": "Oracle Advisory",
"tags": [
"vendor-advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
"assignerShortName": "oracle",
"cveId": "CVE-2025-50065",
"datePublished": "2025-07-15T19:27:36.134Z",
"dateReserved": "2025-06-11T22:56:56.109Z",
"dateUpdated": "2025-07-16T15:48:24.975Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-50065\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2025-07-15T20:15:41.090\",\"lastModified\":\"2025-08-04T21:17:29.563\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad en Oracle GraalVM para JDK de Oracle Java SE (componente: Imagen Nativa). La versi\u00f3n compatible afectada es Oracle GraalVM para JDK: 24.0.1. Esta vulnerabilidad, dif\u00edcil de explotar, permite a un atacante no autenticado con acceso a la red v\u00eda HTTP comprometer Oracle GraalVM para JDK. Los ataques con \u00e9xito de esta vulnerabilidad pueden permitir que personas no autorizadas causen una denegaci\u00f3n de servicio parcial (DOS parcial) de Oracle GraalVM para JDK. Puntuaci\u00f3n base de CVSS 3.1: 3.7 (Afecta a la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"secalert_us@oracle.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"LOW\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-269\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:graalvm_for_jdk:24.0.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"11033815-7616-4901-95BD-0CA3912F5543\"}]}]}],\"references\":[{\"url\":\"https://www.oracle.com/security-alerts/cpujul2025.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-50065\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-07-16T15:47:59.759732Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-269\", \"description\": \"CWE-269 Improper Privilege Management\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-07-16T15:48:19.552Z\"}}], \"cna\": {\"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 3.7, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L\", \"integrityImpact\": \"NONE\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"HIGH\", \"availabilityImpact\": \"LOW\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"NONE\"}}], \"affected\": [{\"vendor\": \"Oracle Corporation\", \"product\": \"Oracle GraalVM for JDK\", \"versions\": [{\"status\": \"affected\", \"version\": \"24.0.1\"}]}], \"references\": [{\"url\": \"https://www.oracle.com/security-alerts/cpujul2025.html\", \"name\": \"Oracle Advisory\", \"tags\": [\"vendor-advisory\"]}], \"descriptions\": [{\"lang\": \"en-US\", \"value\": \"Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en-US\", \"description\": \"Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK.\"}]}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:a:oracle:graalvm_for_jdk:24.0.1:*:*:*:*:*:*:*\", \"vulnerable\": true}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"shortName\": \"oracle\", \"dateUpdated\": \"2025-07-15T19:27:36.134Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-50065\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-07-16T15:48:24.975Z\", \"dateReserved\": \"2025-06-11T22:56:56.109Z\", \"assignerOrgId\": \"43595867-4340-4103-b7a2-9a5208d29a85\", \"datePublished\": \"2025-07-15T19:27:36.134Z\", \"assignerShortName\": \"oracle\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
FKIE_CVE-2025-50065
Vulnerability from fkie_nvd - Published: 2025-07-15 20:15 - Updated: 2025-08-04 21:17
Severity ?
Summary
Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
References
| URL | Tags | ||
|---|---|---|---|
| secalert_us@oracle.com | https://www.oracle.com/security-alerts/cpujul2025.html | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| oracle | graalvm_for_jdk | 24.0.1 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:graalvm_for_jdk:24.0.1:*:*:*:*:*:*:*",
"matchCriteriaId": "11033815-7616-4901-95BD-0CA3912F5543",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
},
{
"lang": "es",
"value": "Vulnerabilidad en Oracle GraalVM para JDK de Oracle Java SE (componente: Imagen Nativa). La versi\u00f3n compatible afectada es Oracle GraalVM para JDK: 24.0.1. Esta vulnerabilidad, dif\u00edcil de explotar, permite a un atacante no autenticado con acceso a la red v\u00eda HTTP comprometer Oracle GraalVM para JDK. Los ataques con \u00e9xito de esta vulnerabilidad pueden permitir que personas no autorizadas causen una denegaci\u00f3n de servicio parcial (DOS parcial) de Oracle GraalVM para JDK. Puntuaci\u00f3n base de CVSS 3.1: 3.7 (Afecta a la disponibilidad). Vector CVSS: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L)."
}
],
"id": "CVE-2025-50065",
"lastModified": "2025-08-04T21:17:29.563",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 1.4,
"source": "secalert_us@oracle.com",
"type": "Secondary"
}
]
},
"published": "2025-07-15T20:15:41.090",
"references": [
{
"source": "secalert_us@oracle.com",
"tags": [
"Vendor Advisory"
],
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
],
"sourceIdentifier": "secalert_us@oracle.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-269"
}
],
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary"
}
]
}
GHSA-RJR4-J8JJ-57RH
Vulnerability from github – Published: 2025-07-15 21:31 – Updated: 2025-07-15 21:31
VLAI?
Details
Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).
Severity ?
{
"affected": [],
"aliases": [
"CVE-2025-50065"
],
"database_specific": {
"cwe_ids": [
"CWE-269"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2025-07-15T20:15:41Z",
"severity": "LOW"
},
"details": "Vulnerability in the Oracle GraalVM for JDK product of Oracle Java SE (component: Native Image). The supported version that is affected is Oracle GraalVM for JDK: 24.0.1. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM for JDK. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK. CVSS 3.1 Base Score 3.7 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).",
"id": "GHSA-rjr4-j8jj-57rh",
"modified": "2025-07-15T21:31:40Z",
"published": "2025-07-15T21:31:40Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-50065"
},
{
"type": "WEB",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"type": "CVSS_V3"
}
]
}
CERTFR-2025-AVI-0600
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Java SE | Oracle GraalVM Enterprise Edition version 21.3.14 | ||
| Oracle | Java SE | Oracle Java SE version 17.0.15 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 17.0.15 | ||
| Oracle | Java SE | Oracle Java SE version 24.0.1 | ||
| Oracle | Java SE | Oracle Java SE version 11.0.27 | ||
| Oracle | Java SE | Oracle Java SE version 8u451-b50 | ||
| Oracle | Java SE | Oracle Java SE version 21.0.7 | ||
| Oracle | Java SE | Oracle Java SE version 8u451 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 24.0.1 | ||
| Oracle | Java SE | Oracle Java SE version 8u451-perf | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 21.0.7 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle GraalVM Enterprise Edition version 21.3.14",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 17.0.15",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 17.0.15",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 24.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 11.0.27",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451-b50",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 21.0.7",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 24.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451-perf",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 21.0.7",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-50063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50063"
},
{
"name": "CVE-2025-50065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50065"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2024-40896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40896"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-30752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30752"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0600",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java SE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Java SE cpujul2025",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
]
}
CERTFR-2025-AVI-0600
Vulnerability from certfr_avis - Published: - Updated:
De multiples vulnérabilités ont été découvertes dans Oracle Java SE. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Oracle | Java SE | Oracle GraalVM Enterprise Edition version 21.3.14 | ||
| Oracle | Java SE | Oracle Java SE version 17.0.15 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 17.0.15 | ||
| Oracle | Java SE | Oracle Java SE version 24.0.1 | ||
| Oracle | Java SE | Oracle Java SE version 11.0.27 | ||
| Oracle | Java SE | Oracle Java SE version 8u451-b50 | ||
| Oracle | Java SE | Oracle Java SE version 21.0.7 | ||
| Oracle | Java SE | Oracle Java SE version 8u451 | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 24.0.1 | ||
| Oracle | Java SE | Oracle Java SE version 8u451-perf | ||
| Oracle | Java SE | Oracle GraalVM for JDK version 21.0.7 |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Oracle GraalVM Enterprise Edition version 21.3.14",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 17.0.15",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 17.0.15",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 24.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 11.0.27",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451-b50",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 21.0.7",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 24.0.1",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle Java SE version 8u451-perf",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
},
{
"description": "Oracle GraalVM for JDK version 21.0.7",
"product": {
"name": "Java SE",
"vendor": {
"name": "Oracle",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-56171",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56171"
},
{
"name": "CVE-2025-50106",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50106"
},
{
"name": "CVE-2025-30754",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30754"
},
{
"name": "CVE-2025-50063",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50063"
},
{
"name": "CVE-2025-50065",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50065"
},
{
"name": "CVE-2025-23165",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23165"
},
{
"name": "CVE-2025-50059",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-50059"
},
{
"name": "CVE-2025-30761",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30761"
},
{
"name": "CVE-2025-27113",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-27113"
},
{
"name": "CVE-2025-23166",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-23166"
},
{
"name": "CVE-2024-55549",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-55549"
},
{
"name": "CVE-2025-32415",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32415"
},
{
"name": "CVE-2025-24855",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24855"
},
{
"name": "CVE-2025-30749",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30749"
},
{
"name": "CVE-2025-32414",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-32414"
},
{
"name": "CVE-2024-40896",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-40896"
},
{
"name": "CVE-2025-24928",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-24928"
},
{
"name": "CVE-2025-30752",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-30752"
}
],
"links": [],
"reference": "CERTFR-2025-AVI-0600",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-07-18T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Oracle Java SE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Oracle Java SE",
"vendor_advisories": [
{
"published_at": "2025-07-15",
"title": "Bulletin de s\u00e9curit\u00e9 Oracle Java SE cpujul2025",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html"
}
]
}
WID-SEC-W-2025-1569
Vulnerability from csaf_certbund - Published: 2025-07-15 22:00 - Updated: 2025-11-17 23:00Summary
Oracle Java SE: Mehrere Schwachstellen
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung
Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).
Angriff
Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Java SE und anderen Java Editionen ausnutzen, um die Vertraulichkeit, Integrität und Verfügbarkeit zu gefährden.
Betroffene Betriebssysteme
- Linux
- MacOS X
- Sonstiges
- UNIX
- Windows
{
"document": {
"aggregate_severity": {
"text": "hoch"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Die Java Platform, Standard Edition (SE) ist eine Sammlung von Java-APIs (JDK) und der Java Laufzeit Umgebung (JRE).",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer oder authentisierter Angreifer kann mehrere Schwachstellen in Oracle Java SE und anderen Java Editionen ausnutzen, um die Vertraulichkeit, Integrit\u00e4t und Verf\u00fcgbarkeit zu gef\u00e4hrden.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux\n- MacOS X\n- Sonstiges\n- UNIX\n- Windows",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2025-1569 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2025/wid-sec-w-2025-1569.json"
},
{
"category": "self",
"summary": "WID-SEC-2025-1569 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2025-1569"
},
{
"category": "external",
"summary": "Oracle Critical Patch Update Advisory - July 2025 - Appendix Oracle Java SE vom 2025-07-15",
"url": "https://www.oracle.com/security-alerts/cpujul2025.html#AppendixJAVA"
},
{
"category": "external",
"summary": "Azul Zulu Builds of OpenJDK July 2025 quarterly update",
"url": "https://docs.azul.com/core/pdfs/july-2025/azul-zulu-ca-release-notes-july-2025-rev1.0.pdf"
},
{
"category": "external",
"summary": "OpenJDK Vulnerability Advisory: 2025/07/15",
"url": "https://openjdk.org/groups/vulnerability/advisories/2025-07-15"
},
{
"category": "external",
"summary": "Corretto 8 Changelog vom 2025-07-16",
"url": "https://github.com/corretto/corretto-8/blob/8.462.08.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Corretto 11 ChangeLog vom 2025-07-16",
"url": "https://github.com/corretto/corretto-11/blob/11.0.28.6.1/CHANGELOG.md"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10867 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:10867"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10873 vom 2025-07-16",
"url": "https://access.redhat.com/errata/RHSA-2025:10873"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10867 vom 2025-07-16",
"url": "https://linux.oracle.com/errata/ELSA-2025-10867.html"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10863 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10863"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10875 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10875"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10874 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10874"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10870 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10870"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10861 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10861"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10869 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10869"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10864 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10864"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10862 vom 2025-07-17",
"url": "https://access.redhat.com/errata/RHSA-2025:10862"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15358-1 vom 2025-07-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/453Q2ZG7DSLGSOQSRYVDHQWSHZKLPFSY/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10865 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:10865"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15357-1 vom 2025-07-19",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/KNGLPZCSINE52RXS4WUK4V3G23AG77LX/"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10866 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:10866"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:10868 vom 2025-07-21",
"url": "https://access.redhat.com/errata/RHSA-2025:10868"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15362-1 vom 2025-07-21",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/VVXHASFDSYT4YOX6UDCB7YID22NCJ66G/"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4248 vom 2025-07-23",
"url": "https://lists.debian.org/debian-lts-announce/2025/07/msg00011.html"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7668-1 vom 2025-07-25",
"url": "https://ubuntu.com/security/notices/USN-7668-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7669-1 vom 2025-07-25",
"url": "https://ubuntu.com/security/notices/USN-7669-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7672-1 vom 2025-07-28",
"url": "https://ubuntu.com/security/notices/USN-7672-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7673-1 vom 2025-07-28",
"url": "https://ubuntu.com/security/notices/USN-7673-1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15390-1 vom 2025-07-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7H7XWA5W6BW245PBOIWOLBE2BLEIN6FI/"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7674-1 vom 2025-07-29",
"url": "https://ubuntu.com/security/notices/USN-7674-1"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7667-1 vom 2025-07-29",
"url": "https://ubuntu.com/security/notices/USN-7667-1"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15391-1 vom 2025-07-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/3YGILFYUGSJBMX6XUS3DCORELUTENSOY/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15392-1 vom 2025-07-28",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/2BNOLDILAQY4FCCIW4HNDPZ7EHWJ3XM5/"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10862 vom 2025-07-29",
"url": "https://linux.oracle.com/errata/ELSA-2025-10862.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02545-1 vom 2025-07-30",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021987.html"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10873 vom 2025-07-30",
"url": "http://linux.oracle.com/errata/ELSA-2025-10873.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2940 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2940.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2936 vom 2025-07-30",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2936.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02563-1 vom 2025-07-31",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-July/021993.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241226 vom 2025-07-31",
"url": "https://www.ibm.com/support/pages/node/7241226"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241306 vom 2025-08-01",
"url": "https://www.ibm.com/support/pages/node/7241306"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2-2025-2956 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2-2025-2956.html"
},
{
"category": "external",
"summary": "Amazon Linux Security Advisory ALAS2CORRETTO8-2025-020 vom 2025-08-05",
"url": "https://alas.aws.amazon.com/AL2/ALAS2CORRETTO8-2025-020.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02657-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/TO75LIYWPLPTZF6IA3K6IZNLY4O5NFM7/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02666-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/DULM7FV7WTXEDWKUTXKMNK2TCHADYPSC/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:02667-1 vom 2025-08-04",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BCCQGVXFXURHFPSAYKM7LURL37W2CYIM/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241769 vom 2025-08-07",
"url": "https://www.ibm.com/support/pages/node/7241769"
},
{
"category": "external",
"summary": "Oracle Linux Security Advisory ELSA-2025-10861 vom 2025-08-09",
"url": "https://linux.oracle.com/errata/ELSA-2025-10861.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7241933 vom 2025-08-11",
"url": "https://www.ibm.com/support/pages/node/7241933"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13656 vom 2025-08-11",
"url": "https://access.redhat.com/errata/RHSA-2025:13656"
},
{
"category": "external",
"summary": "Ubuntu Security Notice USN-7690-1 vom 2025-08-12",
"url": "https://ubuntu.com/security/notices/USN-7690-1"
},
{
"category": "external",
"summary": "Red Hat Security Advisory RHSA-2025:13675 vom 2025-08-12",
"url": "https://access.redhat.com/errata/RHSA-2025:13675"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-5972 vom 2025-08-12",
"url": "https://lists.debian.org/debian-security-announce/2025/msg00136.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7242133 vom 2025-08-14",
"url": "https://www.ibm.com/support/pages/node/7242133"
},
{
"category": "external",
"summary": "Debian Security Advisory DLA-4275 vom 2025-08-19",
"url": "https://lists.debian.org/debian-lts-announce/2025/08/msg00014.html"
},
{
"category": "external",
"summary": "IGEL Security Notice ISN-2025-35 vom 2025-08-21",
"url": "https://kb.igel.com/en/security-safety/current/isn-2025-35-jre-vulnerabilities"
},
{
"category": "external",
"summary": "Hitachi Vulnerability Information HITACHI-SEC-2025-124 vom 2025-08-26",
"url": "https://www.hitachi.com/products/it/software/security/info/vuls/hitachi-sec-2025-124/index.html"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243515 vom 2025-08-28",
"url": "https://www.ibm.com/support/pages/node/7243515"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243787 vom 2025-09-02",
"url": "https://www.ibm.com/support/pages/node/7243787"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243803 vom 2025-09-02",
"url": "https://www.ibm.com/support/pages/node/7243803"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243800 vom 2025-09-04",
"url": "https://www.ibm.com/support/pages/node/7243800"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7243799 vom 2025-09-04",
"url": "https://www.ibm.com/support/pages/node/7243799"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244160 vom 2025-09-05",
"url": "https://www.ibm.com/support/pages/node/7244160"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03120-1 vom 2025-09-09",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022416.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:15532-1 vom 2025-09-09",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/BPULRW22JDBFXFG4VNIAA3WAVA5VFPSU/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244391 vom 2025-09-09",
"url": "https://www.ibm.com/support/pages/node/7244391"
},
{
"category": "external",
"summary": "IBM Security Bulletin",
"url": "https://www.ibm.com/support/pages/node/7244394"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244609 vom 2025-09-11",
"url": "https://www.ibm.com/support/pages/node/7244609"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244648 vom 2025-09-11",
"url": "https://www.ibm.com/support/pages/node/7244648"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244651 vom 2025-09-11",
"url": "https://www.ibm.com/support/pages/node/7244651"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244768 vom 2025-09-12",
"url": "https://www.ibm.com/support/pages/node/7244768"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244657 vom 2025-09-12",
"url": "https://www.ibm.com/support/pages/node/7244657"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244879 vom 2025-09-12",
"url": "https://www.ibm.com/support/pages/node/7244879"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7244987 vom 2025-09-15",
"url": "https://www.ibm.com/support/pages/node/7244987"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03224-1 vom 2025-09-15",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022539.html"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0351-1 vom 2025-09-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/46ENDY2NXGQLZC2JZ3BI2AUCKYOSA4PX/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0354-1 vom 2025-09-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/PZDNEL7E26VA3OBDQFDUUZTHUQ6VD5VR/"
},
{
"category": "external",
"summary": "openSUSE Security Update OPENSUSE-SU-2025:0353-1 vom 2025-09-15",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/XWY4UAD3IUPKXW4ZZBHGX4ITOYVGHP72/"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03236-1 vom 2025-09-16",
"url": "https://lists.suse.com/pipermail/sle-security-updates/2025-September/022549.html"
},
{
"category": "external",
"summary": "SUSE Security Update SUSE-SU-2025:03262-1 vom 2025-09-18",
"url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/G446YLSI37B5HCBUHPUAGZTFIIWOL5YO/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7245706 vom 2025-09-22",
"url": "https://www.ibm.com/support/pages/node/7245706"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7245993 vom 2025-09-24",
"url": "https://www.ibm.com/support/pages/node/7245993"
},
{
"category": "external",
"summary": "HCL Security Bulletin vom 2025-09-25",
"url": "https://support.hcl-software.com/csm?id=kb_article\u0026sysparm_article=KB0124270"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246562 vom 2025-09-29",
"url": "https://www.ibm.com/support/pages/node/7246562"
},
{
"category": "external",
"summary": "Absolute Security Information vom 2025-09-30",
"url": "https://www.absolute.com/platform/security-information/vulnerability-archive/secure-access-1410"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246914 vom 2025-10-01",
"url": "https://www.ibm.com/support/pages/node/7246914"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246872 vom 2025-10-01",
"url": "https://www.ibm.com/support/pages/node/7246872"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7246919 vom 2025-10-01",
"url": "https://www.ibm.com/support/pages/node/7246919"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247208 vom 2025-10-06",
"url": "https://www.ibm.com/support/pages/node/7247208"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247207 vom 2025-10-06",
"url": "https://www.ibm.com/support/pages/node/7247207"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247347 vom 2025-10-07",
"url": "https://www.ibm.com/support/pages/node/7247347"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247560 vom 2025-10-09",
"url": "https://www.ibm.com/support/pages/node/7247560"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7248118 vom 2025-10-16",
"url": "https://www.ibm.com/support/pages/node/7248118"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7247994 vom 2025-10-15",
"url": "https://www.ibm.com/support/pages/node/7247994"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7248638 vom 2025-10-21",
"url": "https://www.ibm.com/support/pages/node/7248638"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249041 vom 2025-10-23",
"url": "https://www.ibm.com/support/pages/node/7249041"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249276 vom 2025-10-27",
"url": "https://www.ibm.com/support/pages/node/7249276"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-338 vom 2025-10-30",
"url": "https://www.dell.com/support/kbdoc/de-de/000385427/dsa-2025-338-security-update-for-dell-data-protection-advisor-for-jdk-8u451-vulnerabilities"
},
{
"category": "external",
"summary": "Dell Security Advisory DSA-2025-404 vom 2025-10-31",
"url": "https://www.dell.com/support/kbdoc/000385435"
},
{
"category": "external",
"summary": "PDFreactor 12 Hotfix Release vom 2025-10-31",
"url": "https://www.pdfreactor.com/pdfreactor-12-hotfix-release-12-3-2-now-available/"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7249817 vom 2025-10-31",
"url": "https://www.ibm.com/support/pages/node/7249817"
},
{
"category": "external",
"summary": "IBM Security Bulletin 7250258 vom 2025-11-06",
"url": "https://www.ibm.com/support/pages/node/7250258"
},
{
"category": "external",
"summary": "XEROX Security Advisory XRX25-018 vom 2025-11-18",
"url": "https://security.business.xerox.com/wp-content/uploads/2025/11/Xerox-Security-Bulletin-XRX25-018-Xerox-FreeFlow-Print-Server-v7.pdf"
}
],
"source_lang": "en-US",
"title": "Oracle Java SE: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2025-11-17T23:00:00.000+00:00",
"generator": {
"date": "2025-11-18T08:12:38.646+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.5.0"
}
},
"id": "WID-SEC-W-2025-1569",
"initial_release_date": "2025-07-15T22:00:00.000+00:00",
"revision_history": [
{
"date": "2025-07-15T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2025-07-16T22:00:00.000+00:00",
"number": "2",
"summary": "Neue Updates von Red Hat und Oracle Linux aufgenommen"
},
{
"date": "2025-07-17T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Red Hat aufgenommen"
},
{
"date": "2025-07-20T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates von openSUSE und Red Hat aufgenommen"
},
{
"date": "2025-07-21T22:00:00.000+00:00",
"number": "5",
"summary": "Neue Updates von openSUSE aufgenommen"
},
{
"date": "2025-07-22T22:00:00.000+00:00",
"number": "6",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-07-24T22:00:00.000+00:00",
"number": "7",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-27T22:00:00.000+00:00",
"number": "8",
"summary": "Neue Updates von Ubuntu aufgenommen"
},
{
"date": "2025-07-28T22:00:00.000+00:00",
"number": "9",
"summary": "Neue Updates von openSUSE und Ubuntu aufgenommen"
},
{
"date": "2025-07-29T22:00:00.000+00:00",
"number": "10",
"summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
},
{
"date": "2025-07-30T22:00:00.000+00:00",
"number": "11",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-07-31T22:00:00.000+00:00",
"number": "12",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-03T22:00:00.000+00:00",
"number": "13",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-04T22:00:00.000+00:00",
"number": "14",
"summary": "Neue Updates von Amazon aufgenommen"
},
{
"date": "2025-08-07T22:00:00.000+00:00",
"number": "15",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-10T22:00:00.000+00:00",
"number": "16",
"summary": "Neue Updates von Oracle Linux aufgenommen"
},
{
"date": "2025-08-11T22:00:00.000+00:00",
"number": "17",
"summary": "Neue Updates von Red Hat und Ubuntu aufgenommen"
},
{
"date": "2025-08-12T22:00:00.000+00:00",
"number": "18",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-13T22:00:00.000+00:00",
"number": "19",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-08-18T22:00:00.000+00:00",
"number": "20",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2025-08-21T22:00:00.000+00:00",
"number": "21",
"summary": "Neue Updates von IGEL aufgenommen"
},
{
"date": "2025-08-26T22:00:00.000+00:00",
"number": "22",
"summary": "Neue Updates von HITACHI aufgenommen"
},
{
"date": "2025-08-28T22:00:00.000+00:00",
"number": "23",
"summary": "Neue Updates von IBM und IBM-APAR aufgenommen"
},
{
"date": "2025-09-02T22:00:00.000+00:00",
"number": "24",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-04T22:00:00.000+00:00",
"number": "25",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-07T22:00:00.000+00:00",
"number": "26",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-09T22:00:00.000+00:00",
"number": "27",
"summary": "Neue Updates von SUSE, openSUSE und IBM aufgenommen"
},
{
"date": "2025-09-10T22:00:00.000+00:00",
"number": "28",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-11T22:00:00.000+00:00",
"number": "29",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-14T22:00:00.000+00:00",
"number": "30",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-15T22:00:00.000+00:00",
"number": "31",
"summary": "Neue Updates von IBM, SUSE und openSUSE aufgenommen"
},
{
"date": "2025-09-16T22:00:00.000+00:00",
"number": "32",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-17T22:00:00.000+00:00",
"number": "33",
"summary": "Neue Updates von SUSE aufgenommen"
},
{
"date": "2025-09-21T22:00:00.000+00:00",
"number": "34",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-24T22:00:00.000+00:00",
"number": "35",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-25T22:00:00.000+00:00",
"number": "36",
"summary": "Neue Updates von HCL aufgenommen"
},
{
"date": "2025-09-29T22:00:00.000+00:00",
"number": "37",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-09-30T22:00:00.000+00:00",
"number": "38",
"summary": "Neue Updates aufgenommen"
},
{
"date": "2025-10-01T22:00:00.000+00:00",
"number": "39",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-06T22:00:00.000+00:00",
"number": "40",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-07T22:00:00.000+00:00",
"number": "41",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-09T22:00:00.000+00:00",
"number": "42",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-15T22:00:00.000+00:00",
"number": "43",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-21T22:00:00.000+00:00",
"number": "44",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-23T22:00:00.000+00:00",
"number": "45",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-27T23:00:00.000+00:00",
"number": "46",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-10-29T23:00:00.000+00:00",
"number": "47",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-10-30T23:00:00.000+00:00",
"number": "48",
"summary": "Neue Updates von Dell aufgenommen"
},
{
"date": "2025-11-05T23:00:00.000+00:00",
"number": "49",
"summary": "Neue Updates von IBM aufgenommen"
},
{
"date": "2025-11-17T23:00:00.000+00:00",
"number": "50",
"summary": "Neue Updates von XEROX aufgenommen"
}
],
"status": "final",
"version": "50"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "Server \u003c14.10",
"product": {
"name": "Absolute Secure Access Server \u003c14.10",
"product_id": "T047275"
}
},
{
"category": "product_version",
"name": "Server 14.10",
"product": {
"name": "Absolute Secure Access Server 14.10",
"product_id": "T047275-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:absolute:secure_access:server__14.10"
}
}
},
{
"category": "product_version_range",
"name": "Insights \u003c4.30",
"product": {
"name": "Absolute Secure Access Insights \u003c4.30",
"product_id": "T047276"
}
},
{
"category": "product_version",
"name": "Insights 4.30",
"product": {
"name": "Absolute Secure Access Insights 4.30",
"product_id": "T047276-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:absolute:secure_access:insights__4.30"
}
}
}
],
"category": "product_name",
"name": "Secure Access"
}
],
"category": "vendor",
"name": "Absolute"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.462.08.1",
"product": {
"name": "Amazon Corretto \u003c8.462.08.1",
"product_id": "T045421"
}
},
{
"category": "product_version",
"name": "8.462.08.1",
"product": {
"name": "Amazon Corretto 8.462.08.1",
"product_id": "T045421-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:8.462.08.1"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.28.6.1",
"product": {
"name": "Amazon Corretto \u003c11.0.28.6.1",
"product_id": "T045422"
}
},
{
"category": "product_version",
"name": "11.0.28.6.1",
"product": {
"name": "Amazon Corretto 11.0.28.6.1",
"product_id": "T045422-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:amazon:corretto:11.0.28.6.1"
}
}
}
],
"category": "product_name",
"name": "Corretto"
},
{
"category": "product_name",
"name": "Amazon Linux 2",
"product": {
"name": "Amazon Linux 2",
"product_id": "398363",
"product_identification_helper": {
"cpe": "cpe:/o:amazon:linux_2:-"
}
}
}
],
"category": "vendor",
"name": "Amazon"
},
{
"branches": [
{
"category": "product_name",
"name": "Azul Zulu",
"product": {
"name": "Azul Zulu",
"product_id": "T036273",
"product_identification_helper": {
"cpe": "cpe:/a:azul:zulu:-"
}
}
}
],
"category": "vendor",
"name": "Azul"
},
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Dell Avamar",
"product": {
"name": "Dell Avamar",
"product_id": "T039664",
"product_identification_helper": {
"cpe": "cpe:/a:dell:avamar:-"
}
}
},
{
"category": "product_name",
"name": "Dell Data Protection Advisor",
"product": {
"name": "Dell Data Protection Advisor",
"product_id": "T021498",
"product_identification_helper": {
"cpe": "cpe:/a:dell:data_protection_advisor:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Virtual Edition",
"product": {
"name": "Dell NetWorker Virtual Edition",
"product_id": "T048226",
"product_identification_helper": {
"cpe": "cpe:/a:dell:networker:virtual_edition"
}
}
}
],
"category": "product_name",
"name": "NetWorker"
}
],
"category": "vendor",
"name": "Dell"
},
{
"branches": [
{
"category": "product_name",
"name": "HCL BigFix",
"product": {
"name": "HCL BigFix",
"product_id": "T036271",
"product_identification_helper": {
"cpe": "cpe:/a:hcltech:bigfix:inventory"
}
}
}
],
"category": "vendor",
"name": "HCL"
},
{
"branches": [
{
"category": "product_name",
"name": "Hitachi Command Suite",
"product": {
"name": "Hitachi Command Suite",
"product_id": "T038839",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:command_suite:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Configuration Manager",
"product": {
"name": "Hitachi Configuration Manager",
"product_id": "T020304",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:configuration_manager:-"
}
}
},
{
"category": "product_name",
"name": "Hitachi Ops Center",
"product": {
"name": "Hitachi Ops Center",
"product_id": "T017562",
"product_identification_helper": {
"cpe": "cpe:/a:hitachi:ops_center:-"
}
}
}
],
"category": "vendor",
"name": "Hitachi"
},
{
"branches": [
{
"category": "product_name",
"name": "IBM App Connect Enterprise",
"product": {
"name": "IBM App Connect Enterprise",
"product_id": "T032495",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:app_connect_enterprise:-"
}
}
},
{
"branches": [
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T024464",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:containers"
}
}
},
{
"category": "product_name",
"name": "IBM Business Automation Workflow",
"product": {
"name": "IBM Business Automation Workflow",
"product_id": "T043411",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:business_automation_workflow:-"
}
}
}
],
"category": "product_name",
"name": "Business Automation Workflow"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c10.6.5.0",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.5.0",
"product_id": "T047841"
}
},
{
"category": "product_version",
"name": "10.6.5.0",
"product": {
"name": "IBM DataPower Gateway 10.6.5.0",
"product_id": "T047841-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.5.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.5.0.19",
"product": {
"name": "IBM DataPower Gateway \u003c10.5.0.19",
"product_id": "T047864"
}
},
{
"category": "product_version",
"name": "10.5.0.19",
"product": {
"name": "IBM DataPower Gateway 10.5.0.19",
"product_id": "T047864-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.5.0.19"
}
}
},
{
"category": "product_version_range",
"name": "\u003c10.6.0.7",
"product": {
"name": "IBM DataPower Gateway \u003c10.6.0.7",
"product_id": "T047866"
}
},
{
"category": "product_version",
"name": "10.6.0.7",
"product": {
"name": "IBM DataPower Gateway 10.6.0.7",
"product_id": "T047866-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:datapower_gateway:10.6.0.7"
}
}
}
],
"category": "product_name",
"name": "DataPower Gateway"
},
{
"branches": [
{
"category": "product_version",
"name": "11.7",
"product": {
"name": "IBM InfoSphere Information Server 11.7",
"product_id": "444803",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:infosphere_information_server:11.7"
}
}
}
],
"category": "product_name",
"name": "InfoSphere Information Server"
},
{
"branches": [
{
"category": "product_version",
"name": "1.4-1.9.3.2",
"product": {
"name": "IBM Installation Manager 1.4-1.9.3.2",
"product_id": "T046590",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:installation_manager:1.4_-_1.9.3.2"
}
}
},
{
"category": "product_version",
"name": "1.4-1.10.1.2",
"product": {
"name": "IBM Installation Manager 1.4-1.10.1.2",
"product_id": "T046975",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:installation_manager:1.4_-_1.10.1.2"
}
}
}
],
"category": "product_name",
"name": "Installation Manager"
},
{
"category": "product_name",
"name": "IBM Integration Bus",
"product": {
"name": "IBM Integration Bus",
"product_id": "T011169",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:integration_bus:-"
}
}
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.8.50",
"product": {
"name": "IBM Java \u003c8.0.8.50",
"product_id": "T045831"
}
},
{
"category": "product_version",
"name": "8.0.8.50",
"product": {
"name": "IBM Java 8.0.8.50",
"product_id": "T045831-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:jre:8.0.8.50"
}
}
}
],
"category": "product_name",
"name": "Java"
},
{
"category": "product_name",
"name": "IBM License Metric Tool",
"product": {
"name": "IBM License Metric Tool",
"product_id": "T029071",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:license_metric_tool:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Operator",
"product": {
"name": "IBM MQ Operator",
"product_id": "T036688",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:operator"
}
}
},
{
"category": "product_version",
"name": "Container",
"product": {
"name": "IBM MQ Container",
"product_id": "T040640",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:container"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.1.0.31",
"product": {
"name": "IBM MQ \u003c9.1.0.31",
"product_id": "T046724"
}
},
{
"category": "product_version",
"name": "9.1.0.31",
"product": {
"name": "IBM MQ 9.1.0.31",
"product_id": "T046724-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.1.0.31"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.2.0.37",
"product": {
"name": "IBM MQ \u003c9.2.0.37",
"product_id": "T046725"
}
},
{
"category": "product_version",
"name": "9.2.0.37",
"product": {
"name": "IBM MQ 9.2.0.37",
"product_id": "T046725-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.2.0.37"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.3.0.31",
"product": {
"name": "IBM MQ \u003c9.3.0.31",
"product_id": "T046726"
}
},
{
"category": "product_version",
"name": "9.3.0.31",
"product": {
"name": "IBM MQ 9.3.0.31",
"product_id": "T046726-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.3.0.31"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.0.15",
"product": {
"name": "IBM MQ \u003c9.4.0.15",
"product_id": "T046727"
}
},
{
"category": "product_version",
"name": "9.4.0.15",
"product": {
"name": "IBM MQ 9.4.0.15",
"product_id": "T046727-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.4.0.15"
}
}
},
{
"category": "product_version_range",
"name": "\u003c9.4.3.1",
"product": {
"name": "IBM MQ \u003c9.4.3.1",
"product_id": "T046728"
}
},
{
"category": "product_version",
"name": "9.4.3.1",
"product": {
"name": "IBM MQ 9.4.3.1",
"product_id": "T046728-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:mq:9.4.3.1"
}
}
}
],
"category": "product_name",
"name": "MQ"
},
{
"category": "product_name",
"name": "IBM QRadar SIEM",
"product": {
"name": "IBM QRadar SIEM",
"product_id": "T021415",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:qradar_siem:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "9.6",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.6",
"product_id": "T012259",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.6"
}
}
},
{
"category": "product_version",
"name": "9.7",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 9.7",
"product_id": "T033489",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:9.7"
}
}
},
{
"category": "product_version",
"name": "10",
"product": {
"name": "IBM Rational Application Developer for WebSphere Software 10.0",
"product_id": "T047534",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_application_developer_for_websphere_software:10.0"
}
}
}
],
"category": "product_name",
"name": "Rational Application Developer for WebSphere Software"
},
{
"category": "product_name",
"name": "IBM Rational Business Developer",
"product": {
"name": "IBM Rational Business Developer",
"product_id": "T025611",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:rational_business_developer:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "Collaboration and Deployment Services 8.5",
"product": {
"name": "IBM SPSS Collaboration and Deployment Services 8.5",
"product_id": "T038750",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services_8.5"
}
}
},
{
"category": "product_version",
"name": "Statistics",
"product": {
"name": "IBM SPSS Statistics",
"product_id": "T045525",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:statistics"
}
}
},
{
"category": "product_version",
"name": "Collaboration and Deployment Services 8.6",
"product": {
"name": "IBM SPSS Collaboration and Deployment Services 8.6",
"product_id": "T046466",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:spss:collaboration_and_deployment_services_8.6"
}
}
}
],
"category": "product_name",
"name": "SPSS"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c8.0.462.0",
"product": {
"name": "IBM Semeru Runtime \u003c8.0.462.0",
"product_id": "T045792"
}
},
{
"category": "product_version",
"name": "8.0.462.0",
"product": {
"name": "IBM Semeru Runtime 8.0.462.0",
"product_id": "T045792-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:8.0.462.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c11.0.28.0",
"product": {
"name": "IBM Semeru Runtime \u003c11.0.28.0",
"product_id": "T045793"
}
},
{
"category": "product_version",
"name": "11.0.28.0",
"product": {
"name": "IBM Semeru Runtime 11.0.28.0",
"product_id": "T045793-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:11.0.28.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c17.0.16.0",
"product": {
"name": "IBM Semeru Runtime \u003c17.0.16.0",
"product_id": "T045794"
}
},
{
"category": "product_version",
"name": "17.0.16.0",
"product": {
"name": "IBM Semeru Runtime 17.0.16.0",
"product_id": "T045794-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:17.0.16.0"
}
}
},
{
"category": "product_version_range",
"name": "\u003c21.0.8.0",
"product": {
"name": "IBM Semeru Runtime \u003c21.0.8.0",
"product_id": "T045795"
}
},
{
"category": "product_version",
"name": "21.0.8.0",
"product": {
"name": "IBM Semeru Runtime 21.0.8.0",
"product_id": "T045795-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:semeru_runtime:21.0.8.0"
}
}
}
],
"category": "product_name",
"name": "Semeru Runtime"
},
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c6.3.0.6",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.3.0.6",
"product_id": "T047329"
}
},
{
"category": "product_version",
"name": "6.3.0.6",
"product": {
"name": "IBM Sterling Connect:Direct 6.3.0.6",
"product_id": "T047329-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.3.0.6"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.4.0.3",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.4.0.3",
"product_id": "T047330"
}
},
{
"category": "product_version",
"name": "6.4.0.3",
"product": {
"name": "IBM Sterling Connect:Direct 6.4.0.3",
"product_id": "T047330-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.4.0.3"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.0.9",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.2.0.9",
"product_id": "T047331"
}
},
{
"category": "product_version",
"name": "6.2.0.9",
"product": {
"name": "IBM Sterling Connect:Direct 6.2.0.9",
"product_id": "T047331-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.2.0.9"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.0.8",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.2.0.8",
"product_id": "T047347"
}
},
{
"category": "product_version",
"name": "6.2.0.8",
"product": {
"name": "IBM Sterling Connect:Direct 6.2.0.8",
"product_id": "T047347-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.2.0.8"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.2.0.29",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.2.0.29",
"product_id": "T047720"
}
},
{
"category": "product_version",
"name": "6.2.0.29",
"product": {
"name": "IBM Sterling Connect:Direct 6.2.0.29",
"product_id": "T047720-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.2.0.29"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.3.0.15",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.3.0.15",
"product_id": "T047721"
}
},
{
"category": "product_version",
"name": "6.3.0.15",
"product": {
"name": "IBM Sterling Connect:Direct 6.3.0.15",
"product_id": "T047721-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.3.0.15"
}
}
},
{
"category": "product_version_range",
"name": "\u003c6.4.0.4",
"product": {
"name": "IBM Sterling Connect:Direct \u003c6.4.0.4",
"product_id": "T047722"
}
},
{
"category": "product_version",
"name": "6.4.0.4",
"product": {
"name": "IBM Sterling Connect:Direct 6.4.0.4",
"product_id": "T047722-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:sterling_connect%3adirect:6.4.0.4"
}
}
}
],
"category": "product_name",
"name": "Sterling Connect:Direct"
},
{
"branches": [
{
"category": "product_version",
"name": "for multiplatforms",
"product": {
"name": "IBM TXSeries for multiplatforms",
"product_id": "T036617",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:txseries:for_multiplatforms"
}
}
}
],
"category": "product_name",
"name": "TXSeries"
},
{
"branches": [
{
"category": "product_version",
"name": "6.2.0.0-6.2.0.6",
"product": {
"name": "IBM Tivoli Business Service Manager 6.2.0.0-6.2.0.6",
"product_id": "T046988",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_business_service_manager:6.2.0.0_-_6.2.0.6"
}
}
}
],
"category": "product_name",
"name": "Tivoli Business Service Manager"
},
{
"category": "product_name",
"name": "IBM Tivoli Key Lifecycle Manager",
"product": {
"name": "IBM Tivoli Key Lifecycle Manager",
"product_id": "T026238",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_key_lifecycle_manager:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "for Virtual Environments 7.3.7",
"product": {
"name": "IBM Tivoli Monitoring for Virtual Environments 7.3.7",
"product_id": "T041162",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:for_virtual_environments__7.3.7"
}
}
},
{
"category": "product_version",
"name": "6.3.0.7",
"product": {
"name": "IBM Tivoli Monitoring 6.3.0.7",
"product_id": "T046655",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:6.3.0.7"
}
}
},
{
"category": "product_version",
"name": "7.2.10",
"product": {
"name": "IBM Tivoli Monitoring 7.2.10",
"product_id": "T046945",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_monitoring:7.2.10"
}
}
}
],
"category": "product_name",
"name": "Tivoli Monitoring"
},
{
"branches": [
{
"category": "product_version",
"name": "8.1.0",
"product": {
"name": "IBM Tivoli Netcool/OMNIbus 8.1.0",
"product_id": "700367",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_netcool%2fomnibus:8.1.0"
}
}
}
],
"category": "product_name",
"name": "Tivoli Netcool/OMNIbus"
},
{
"category": "product_name",
"name": "IBM Tivoli Network Manager",
"product": {
"name": "IBM Tivoli Network Manager",
"product_id": "T046989",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:tivoli_network_manager:-"
}
}
},
{
"category": "product_name",
"name": "IBM WebSphere Application Server",
"product": {
"name": "IBM WebSphere Application Server",
"product_id": "T000377",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_application_server:-"
}
}
},
{
"branches": [
{
"category": "product_version",
"name": "8.5",
"product": {
"name": "IBM WebSphere Service Registry and Repository 8.5",
"product_id": "306235",
"product_identification_helper": {
"cpe": "cpe:/a:ibm:websphere_service_registry_and_repository:8.5"
}
}
}
],
"category": "product_name",
"name": "WebSphere Service Registry and Repository"
}
],
"category": "vendor",
"name": "IBM"
},
{
"branches": [
{
"category": "product_name",
"name": "IGEL OS",
"product": {
"name": "IGEL OS",
"product_id": "T017865",
"product_identification_helper": {
"cpe": "cpe:/o:igel:os:-"
}
}
}
],
"category": "vendor",
"name": "IGEL"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source OpenJDK",
"product": {
"name": "Open Source OpenJDK",
"product_id": "580789",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:openjdk:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "for JDK 17.0.15",
"product": {
"name": "Oracle GraalVM for JDK 17.0.15",
"product_id": "T045416",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:for_jdk_17.0.15"
}
}
},
{
"category": "product_version",
"name": "for JDK 21.0.7",
"product": {
"name": "Oracle GraalVM for JDK 21.0.7",
"product_id": "T045417",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:for_jdk_21.0.7"
}
}
},
{
"category": "product_version",
"name": "for JDK 24.0.1",
"product": {
"name": "Oracle GraalVM for JDK 24.0.1",
"product_id": "T045418",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:for_jdk_24.0.1"
}
}
},
{
"category": "product_version",
"name": "Enterprise Edition 21.3.14",
"product": {
"name": "Oracle GraalVM Enterprise Edition 21.3.14",
"product_id": "T045419",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:graalvm:enterprise_edition_21.3.14"
}
}
}
],
"category": "product_name",
"name": "GraalVM"
},
{
"branches": [
{
"category": "product_version",
"name": "11.0.27",
"product": {
"name": "Oracle Java SE 11.0.27",
"product_id": "T045386",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:11.0.27"
}
}
},
{
"category": "product_version",
"name": "17.0.15",
"product": {
"name": "Oracle Java SE 17.0.15",
"product_id": "T045387",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:17.0.15"
}
}
},
{
"category": "product_version",
"name": "21.0.7",
"product": {
"name": "Oracle Java SE 21.0.7",
"product_id": "T045388",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:21.0.7"
}
}
},
{
"category": "product_version",
"name": "24.0.1",
"product": {
"name": "Oracle Java SE 24.0.1",
"product_id": "T045389",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:24.0.1"
}
}
},
{
"category": "product_version",
"name": "8u451-perf",
"product": {
"name": "Oracle Java SE 8u451-perf",
"product_id": "T045415",
"product_identification_helper": {
"cpe": "cpe:/a:oracle:java_se:8u451-perf"
}
}
}
],
"category": "product_name",
"name": "Java SE"
},
{
"category": "product_name",
"name": "Oracle Linux",
"product": {
"name": "Oracle Linux",
"product_id": "T004914",
"product_identification_helper": {
"cpe": "cpe:/o:oracle:linux:-"
}
}
}
],
"category": "vendor",
"name": "Oracle"
},
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003c12.3.2",
"product": {
"name": "RealObjects PDFreactor \u003c12.3.2",
"product_id": "T048230"
}
},
{
"category": "product_version",
"name": "12.3.2",
"product": {
"name": "RealObjects PDFreactor 12.3.2",
"product_id": "T048230-fixed",
"product_identification_helper": {
"cpe": "cpe:/a:realobjects:pdfreactor:12.3.2"
}
}
}
],
"category": "product_name",
"name": "PDFreactor"
}
],
"category": "vendor",
"name": "RealObjects"
},
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux",
"product": {
"name": "Red Hat Enterprise Linux",
"product_id": "67646",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:-"
}
}
}
],
"category": "vendor",
"name": "Red Hat"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux",
"product": {
"name": "SUSE Linux",
"product_id": "T002207",
"product_identification_helper": {
"cpe": "cpe:/o:suse:suse_linux:-"
}
}
},
{
"category": "product_name",
"name": "SUSE openSUSE",
"product": {
"name": "SUSE openSUSE",
"product_id": "T027843",
"product_identification_helper": {
"cpe": "cpe:/o:suse:opensuse:-"
}
}
}
],
"category": "vendor",
"name": "SUSE"
},
{
"branches": [
{
"category": "product_name",
"name": "Ubuntu Linux",
"product": {
"name": "Ubuntu Linux",
"product_id": "T000126",
"product_identification_helper": {
"cpe": "cpe:/o:canonical:ubuntu_linux:-"
}
}
}
],
"category": "vendor",
"name": "Ubuntu"
},
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "v7",
"product": {
"name": "Xerox FreeFlow Print Server v7",
"product_id": "T035098",
"product_identification_helper": {
"cpe": "cpe:/a:xerox:freeflow_print_server:v7"
}
}
}
],
"category": "product_name",
"name": "FreeFlow Print Server"
}
],
"category": "vendor",
"name": "Xerox"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-23166",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-23166"
},
{
"cve": "CVE-2025-24855",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-24855"
},
{
"cve": "CVE-2025-27113",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-27113"
},
{
"cve": "CVE-2025-30749",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30749"
},
{
"cve": "CVE-2025-30752",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30752"
},
{
"cve": "CVE-2025-30754",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30754"
},
{
"cve": "CVE-2025-30761",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-30761"
},
{
"cve": "CVE-2025-50059",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50059"
},
{
"cve": "CVE-2025-50063",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50063"
},
{
"cve": "CVE-2025-50065",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50065"
},
{
"cve": "CVE-2025-50106",
"product_status": {
"known_affected": [
"T046590",
"T011169",
"T012259",
"T035098",
"T004914",
"T047329",
"T047722",
"T021498",
"T021415",
"398363",
"T025611",
"T045387",
"T047720",
"T047841",
"T045386",
"T047721",
"T045389",
"T045422",
"T045388",
"T045421",
"T033489",
"T017562",
"T039664",
"T036271",
"T046988",
"T045415",
"T036273",
"2951",
"T002207",
"T045417",
"T045416",
"444803",
"T045419",
"T046945",
"T046989",
"T045418",
"T027843",
"T047276",
"T026238",
"T047275",
"T046466",
"T040640",
"306235",
"T048230",
"67646",
"700367",
"T029071",
"T036688",
"T045525",
"T046655",
"T041162",
"T046975",
"T047866",
"T020304",
"T000377",
"T024464",
"T047347",
"T047864",
"T038839",
"T036617",
"T038750",
"T032495",
"T045831",
"T043411",
"T046724",
"T046727",
"T017865",
"T046728",
"T000126",
"T046725",
"580789",
"T046726",
"T047331",
"T045792",
"T047330",
"T045794",
"T047534",
"T048226",
"T045793",
"T045795"
]
},
"release_date": "2025-07-15T22:00:00.000+00:00",
"title": "CVE-2025-50106"
}
]
}
CNVD-2025-24092
Vulnerability from cnvd - Published: 2025-10-17
VLAI Severity ?
Title
Oracle Java SE存在未明漏洞(CNVD-2025-24092)
Description
Oracle Java SE是美国甲骨文(Oracle)公司的一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE的Oracle GraalVM for JDK存在安全漏洞,攻击者可利用该漏洞导致部分拒绝服务。
Severity
低
Patch Name
Oracle Java SE存在未明漏洞(CNVD-2025-24092)的补丁
Patch Description
Oracle Java SE是美国甲骨文(Oracle)公司的一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。
Oracle Java SE的Oracle GraalVM for JDK存在安全漏洞,攻击者可利用该漏洞导致部分拒绝服务。目前,供应商发布了安全公告及相关补丁信息,修复了此漏洞。
Formal description
厂商已发布了漏洞修复程序,请及时关注更新: https://www.oracle.com/security-alerts/cpujul2025.html
Reference
https://www.oracle.com/security-alerts/cpujul2025.html
Impacted products
| Name | Oracle Oracle GraalVM for JDK 24.0.1 |
|---|
{
"cves": {
"cve": {
"cveNumber": "CVE-2025-50065",
"cveUrl": "https://nvd.nist.gov/vuln/detail/CVE-2025-50065"
}
},
"description": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\n\nOracle Java SE\u7684Oracle GraalVM for JDK\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u90e8\u5206\u62d2\u7edd\u670d\u52a1\u3002",
"formalWay": "\u5382\u5546\u5df2\u53d1\u5e03\u4e86\u6f0f\u6d1e\u4fee\u590d\u7a0b\u5e8f\uff0c\u8bf7\u53ca\u65f6\u5173\u6ce8\u66f4\u65b0\uff1a\r\nhttps://www.oracle.com/security-alerts/cpujul2025.html",
"isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
"number": "CNVD-2025-24092",
"openTime": "2025-10-17",
"patchDescription": "Oracle Java SE\u662f\u7f8e\u56fd\u7532\u9aa8\u6587\uff08Oracle\uff09\u516c\u53f8\u7684\u4e00\u6b3e\u7528\u4e8e\u5f00\u53d1\u548c\u90e8\u7f72\u684c\u9762\u3001\u670d\u52a1\u5668\u4ee5\u53ca\u5d4c\u5165\u8bbe\u5907\u548c\u5b9e\u65f6\u73af\u5883\u4e2d\u7684Java\u5e94\u7528\u7a0b\u5e8f\u3002\r\n\r\nOracle Java SE\u7684Oracle GraalVM for JDK\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u5bfc\u81f4\u90e8\u5206\u62d2\u7edd\u670d\u52a1\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
"patchName": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2025-24092\uff09\u7684\u8865\u4e01",
"products": {
"product": "Oracle Oracle GraalVM for JDK 24.0.1"
},
"referenceLink": "https://www.oracle.com/security-alerts/cpujul2025.html",
"serverity": "\u4f4e",
"submitTime": "2025-07-21",
"title": "Oracle Java SE\u5b58\u5728\u672a\u660e\u6f0f\u6d1e\uff08CNVD-2025-24092\uff09"
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…