CNNVD-202510-2690 Information

Oct 21, 2025 cve

CNNVD ID

CNNVD-202510-2690

CVE-2025-61755

  • CNNVD Published: 2025-10-21

Description (Chinese)

Oracle Java SE是美国甲骨文(Oracle)公司的一款用于开发和部署桌面、服务器以及嵌入设备和实时环境中的Java应用程序。 Oracle Java SE的Oracle GraalVM for JDK 17.0.16版本和21.0.8版本存在安全漏洞,该漏洞源于编译器组件存在缺陷,可能导致未经授权的数据读取。

Description (English)

Oracle Java SE is a section of Oracle, United States, for the development and deployment of desktops, servers and Java applications embedded in equipment and real-time environments. Oracle GraalVM for JDK version 17.0.16 and version 21.0.8 of Oracle Java SE contains a security loophole, which stems from deficiencies in the compiler component and may lead to unauthorized data access.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

甲骨文

Published

2025-10-21

Last Modified

2026-02-24

References

https://www.oracle.com/security-alerts/cpuoct2025.html https://www.oracle.com/security-alerts/cpujan2026.html https://access.redhat.com/security/cve/cve-2025-61755

Patch

https://www.oracle.com/security-alerts/cpuoct2025.html

Share on: