Oracle GraalVM - 140 CVEs (Page 2/2)

About “Oracle GraalVM”

A curated feed of “Oracle GraalVM”-related CVEs appears below. We currently track 140 CVEs for this tag (all time). In the last 365 days, 23 were published. Average CVSS is 5.1 (all time; 5.7 over 365d), and 16% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-400 - Uncontrolled Resource Consumption, CWE-200 - Exposure of Sensitive Information to an Unauthorized Actor, CWE-284 - Improper Access Control.

In our taxonomy this topic maps to a MODERATE impact class. JDK and JVM updates affect TLS, serialization, and performance. Upgrade JDK or JRE, restart dependents, avoid unsupported builds, and consider key or cert rotation if needed. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0

2021-10-20

Medium

CVE-2021-35565

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12; Oracle GraalVM En…

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-35564

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Keytool). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle Gra…

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-35561

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Utility). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle Gra…

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-35559

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Swing). Supported versions that are affected are Java SE: 7u311, 8u301, 11.0.12, 17; Oracle Graal…

CVSS: 5.3 CWE: CWE-400 - Uncontrolled Resource Consumption View on NVD

Medium

CVE-2021-35556

CVSS: 5.3 CWE: CWE-693 - Protection Mechanism Failure View on NVD

Medium

CVE-2021-35550

CVSS: 5.9 CWE: N/A View on NVD

2021-07-21

High

CVE-2021-2388

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Java SE: 8u291, 11.0.11, 16.0.1; Oracle GraalV…

CVSS: 7.5 CWE: N/A View on NVD

Medium

CVE-2021-2369

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle…

CVSS: 4.3 CWE: N/A View on NVD

Low

CVE-2021-2341

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Networking). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Ora…

CVSS: 3.1 CWE: N/A View on NVD

2021-04-22

Medium

CVE-2021-2163

Vulnerability in the Java SE, Java SE Embedded, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Libraries). Supported versions that are affected are Java SE: 7u291, 8u281, 11.…

CVSS: 5.3 CWE: N/A View on NVD

Medium

CVE-2021-2161

CVSS: 5.9 CWE: N/A View on NVD

2020-07-15

High

CVE-2020-14718

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI). Supported versions that are affected are 19.3.2 and 20.1.0. Easily exploitable vulnerability allow…

CVSS: 7.2 CWE: N/A View on NVD

2020-04-15

Low

CVE-2020-2900

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: Tools). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulnerability all…

CVSS: 3.7 CWE: N/A View on NVD

High

CVE-2020-2802

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Supported versions that are affected are 19.3.1 and 20.0.0. Easily exploitable vulnerab…

CVSS: 7.7 CWE: N/A View on NVD

Medium

CVE-2020-2799

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). Supported versions that are affected are 19.3.1 and 20.0.0. Difficult to exploit vulner…

CVSS: 6.3 CWE: N/A View on NVD

2020-01-15

Medium

CVE-2020-2595

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability al…

CVSS: 5.8 CWE: N/A View on NVD

Medium

CVE-2020-2581

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.3.0.2. Easily exploitable vulnerability al…

CVSS: 4.0 CWE: N/A View on NVD

2019-10-16

High

CVE-2019-2986

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). The supported version that is affected is 19.2.0. Easily exploitable vulnerability allo…

CVSS: 7.7 CWE: N/A View on NVD

2019-07-23

Medium

CVE-2019-2862

Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: Java). The supported version that is affected is 19.0.0. Difficult to exploit vulnerability allows un…

CVSS: 6.8 CWE: N/A View on NVD

High

CVE-2019-2813

Vulnerability in the Oracle GraalVM Enterprise Edition component of Oracle GraalVM (subcomponent: GraalVM). The supported version that is affected is 19.0.0. Easily exploitable vulnerability allows l…

CVSS: 7.7 CWE: N/A View on NVD