CVE-2025-50065
BaseFortify
Publication date: 2025-07-15
Last updated on: 2025-08-04
Assigner: Oracle
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| oracle | graalvm_for_jdk | 24.0.1 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-269 | The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in the Oracle GraalVM for JDK product, specifically in the Native Image component. It is difficult to exploit but allows an unauthenticated attacker with network access via HTTP to potentially compromise the system. The main impact is that an attacker can cause a partial denial of service (partial DOS) on Oracle GraalVM for JDK.
How can this vulnerability impact me? :
The vulnerability can lead to a partial denial of service (partial DOS) of the Oracle GraalVM for JDK, which means that the availability of the affected system could be reduced or interrupted. This could affect the normal operation of applications relying on this product.