PT-2025-42977 · Oracle · Graalvm For Jdk 21.0.8+1

Publicado

2025-10-14

Atualizado

2025-10-27

CVE-2025-61755

CVSS v3.1

3.7

Baixa

Vetor

AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle GraalVM for JDK versions 17.0.16 and 21.0.8

Description A difficult to exploit issue exists in the Oracle GraalVM for JDK product of Oracle Java SE, specifically within the Compiler component. An unauthenticated attacker with network access, utilizing multiple protocols, may be able to compromise the system and gain unauthorized read access to a subset of Oracle GraalVM for JDK data.

Recommendations Update Oracle GraalVM for JDK version 17.0.16 to a newer, fixed version. Update Oracle GraalVM for JDK version 21.0.8 to a newer, fixed version.

Correção

Missing Authorization

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-862

Identificadores relacionados

BDU:2025-14034

CVE-2025-61755

Produtos afetados

Graalvm For Jdk 17.0.16

Graalvm For Jdk 21.0.8

PT-2025-42977 · Oracle · Graalvm For Jdk 21.0.8+1

CVE-2025-61755

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7