VIR Vulnerability Intelligence Relay

CVE-2025-53057

medium
Published 2025-10-23 · Modified 2025-10-30
CVSS v3
5.9
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
CVSS v2
VIR risk
5.9

Description

Moderate: java-21-openjdk security update

Predictions

Exploit likelihood
69%
Patch ETA

Heuristic predictions, AS-IS, for prioritization only.

Mitigations

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-18824.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-18821.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/9/ALSA-2025-18815.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-18821.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-18824.html

vendor Authored 2026-05-27

Vendor advisory: alma — https://errata.almalinux.org/8/ALSA-2025-18815.html

vendor Authored 2026-05-27

Vendor advisory: debian — https://security-tracker.debian.org/tracker/CVE-2025-53057

vendor Authored 2026-05-27

Vendor advisory: suse — https://www.suse.com/security/cve/CVE-2025-53057.html

vendor Authored 2026-05-27

Vendor advisory: secalert_us@oracle.com — https://www.oracle.com/security-alerts/cpuoct2025.html

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:18824

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:18821

vendor Authored 2026-05-27

Vendor advisory: redhat — https://access.redhat.com/errata/RHSA-2025:18815

OS impact
OSVersionStatusFixed in
redhat rhel9fixed
suse slesaffected
debian debianbullseyefixed11.0.29+6-1~deb11u1
debian debiansidfixed11.0.29+6-1
debian debianforkyfixed21.0.9+10-1
debian debiantrixiefixed21.0.9+10-1~deb13u1
debian debianbookwormfixed17.0.17+10-1~deb12u1

Application impact
VendorProductVersionsFixed
oracle oraclegraalvm21.3.15
oracle oraclegraalvm_for_jdk17.0.16
oracle oraclegraalvm_for_jdk21.0.8
oracle oraclejdk1.8.0
oracle oraclejdk11.0.28
oracle oraclejdk17.0.16
oracle oraclejdk21.0.8
oracle oraclejdk25
oracle oraclejre1.8.0
oracle oraclejre11.0.28
oracle oraclejre17.0.16
oracle oraclejre21.0.8
oracle oraclejre25

References

CWEs

CWE-284

Verify integrity in audit chain (admin only). AS-IS.