CNNVD-202510-2680 Information

Oct 21, 2025 cve

CNNVD ID

CNNVD-202510-2680

CVE-2025-53057

  • CNNVD Published: 2025-10-21

Description (Chinese)

Oracle Java SE是美国甲骨文(Oracle)公司的一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。 Oracle Java SE的Oracle Java SE、Oracle GraalVM for JDK和Oracle GraalVM Enterprise Edition存在安全漏洞,该漏洞源于安全组件存在缺陷,可能导致未经授权的数据创建、删除或修改。以下产品及版本受到影响:Oracle Java SE 8u461版本、8u461-perf版本、11.0.28版本、17.0.16版本、21.0.8版本和25版本、Oracle GraalVM for JDK 17.0.16版本和21.0.8版本以及Oracle GraalVM Enterprise Edition 21.3.15版本。

Description (English)

Oracle Java SE is a section of Oracle, United States, for the development and deployment of desktops, servers and Java applications embedded in equipment and real-time environments. Oracle Java SE, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition has a security loophole, which stems from deficiencies in security components that may lead to unauthorized data creation, deletion or modification. The following products and versions have been affected: Oracle Java SE 8u461, 8u461-perf, 11.0.28, 17.0.16, 21.0.8 and 25, Oracle GraalVM for JDK 17.0.16 and 21.0.8 and Oracle GraalVM Enterprise 21.3.15.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2025-10-21

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/cpuoct2025.html

Patch

https://www.oracle.com/security-alerts/cpuoct2025.html

Share on: