PT-2025-29604 · Oracle · Oracle Java Se+2
Published: 2025-07-15 · Updated: 2026-05-08 · CVE-2025-30752
CVSS v3.1: 3.7 (Low)
Vector: AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
Name of the Vulnerable Software and Affected Versions
Oracle Java SE version 24.0.1
Oracle GraalVM for JDK version 24.0.1
Description
A difficult-to-exploit vulnerability exists in Oracle Java SE and Oracle GraalVM for JDK (component: Compiler). An unauthenticated attacker with network access via multiple protocols can compromise the software, potentially resulting in a partial denial of service (partial DOS). This vulnerability applies to Java deployments that load and run untrusted code, such as sandboxed Java Web Start applications or sandboxed Java applets. It does not apply to deployments that load and run only trusted code.
Recommendations
For Oracle Java SE version 24.0.1, ensure Java deployments only load and run trusted code.
For Oracle GraalVM for JDK version 24.0.1, ensure Java deployments only load and run trusted code.
Fix
DoS
RCE
Resource Exhaustion
Related Identifiers
Affected Products
Java Platform
Oracle GraalVM for JDK
Oracle Java SE