Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2022-21597

Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JavaScript). Supported versions that are affected are Oracle GraalVM Enterprise Edition: 20.3.7, 21.3.3 and 22.2.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle GraalVM Enterprise Edition accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

  • Published: Oct 18, 2022
  • Updated: Apr 14, 2023
  • CVE: CVE-2022-21597
  • Severity: Medium
  • Exploit:

CVSS v3:

  • Severity: Medium
  • Score: 5.3
  • AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

No CWE or OWASP classifications available.

Software From Fixed in
oracle / graalvm 20.3.7 20.3.7.x
oracle / graalvm 21.3.3 21.3.3.x
oracle / graalvm 22.2.0 22.2.0.x