Staging Environment: Content and features may be unstable or change without notice.
Search for vulnerabilities
Vulnerability details: VCID-11vj-5zz4-6fe7
Vulnerability ID VCID-11vj-5zz4-6fe7
Aliases CVE-2025-30698
Summary openjdk: Enhance Buffered Image handling (Oracle CPU 2025-04)
Status Published
Exploitability 0.5
Weighted Severity 5.0
Risk 2.5
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-122 Heap-based Buffer Overflow
System Score Found at
cvssv3 5.6 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
epss 0.00605 https://api.first.org/data/v1/epss?cve=CVE-2025-30698
cvssv3.1 5.6 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1 5.6 https://www.oracle.com/security-alerts/cpuapr2025.html
ssvc Track https://www.oracle.com/security-alerts/cpuapr2025.html
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json
https://api.first.org/data/v1/epss?cve=CVE-2025-30698
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-30698
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1103897 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103897
1103898 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103898
1103899 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103899
1103900 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1103900
2359693 https://bugzilla.redhat.com/show_bug.cgi?id=2359693
cpuapr2025.html https://www.oracle.com/security-alerts/cpuapr2025.html
RHSA-2025:3844 https://access.redhat.com/errata/RHSA-2025:3844
RHSA-2025:3845 https://access.redhat.com/errata/RHSA-2025:3845
RHSA-2025:3846 https://access.redhat.com/errata/RHSA-2025:3846
RHSA-2025:3847 https://access.redhat.com/errata/RHSA-2025:3847
RHSA-2025:3848 https://access.redhat.com/errata/RHSA-2025:3848
RHSA-2025:3849 https://access.redhat.com/errata/RHSA-2025:3849
RHSA-2025:3850 https://access.redhat.com/errata/RHSA-2025:3850
RHSA-2025:3852 https://access.redhat.com/errata/RHSA-2025:3852
RHSA-2025:3853 https://access.redhat.com/errata/RHSA-2025:3853
RHSA-2025:3854 https://access.redhat.com/errata/RHSA-2025:3854
RHSA-2025:3855 https://access.redhat.com/errata/RHSA-2025:3855
RHSA-2025:3856 https://access.redhat.com/errata/RHSA-2025:3856
RHSA-2025:3857 https://access.redhat.com/errata/RHSA-2025:3857
RHSA-2025:7508 https://access.redhat.com/errata/RHSA-2025:7508
RHSA-2025:8063 https://access.redhat.com/errata/RHSA-2025:8063
RHSA-2025:8431 https://access.redhat.com/errata/RHSA-2025:8431
USN-7480-1 https://usn.ubuntu.com/7480-1/
USN-7481-1 https://usn.ubuntu.com/7481-1/
USN-7482-1 https://usn.ubuntu.com/7482-1/
USN-7483-1 https://usn.ubuntu.com/7483-1/
USN-7484-1 https://usn.ubuntu.com/7484-1/
USN-7531-1 https://usn.ubuntu.com/7531-1/
USN-7533-1 https://usn.ubuntu.com/7533-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L Found at https://www.oracle.com/security-alerts/cpuapr2025.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2025-04-16T14:13:36Z/ Found at https://www.oracle.com/security-alerts/cpuapr2025.html
Exploit Prediction Scoring System (EPSS)
Percentile 0.69565
EPSS Score 0.00605
Published At April 2, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-04-01T13:40:49.701131+00:00 RedHat Importer Import https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-30698.json 38.0.0