Search for vulnerabilities
Vulnerability details: VCID-31ee-5mw5-mqdp
Vulnerability ID VCID-31ee-5mw5-mqdp
Aliases CVE-2023-22081
Summary Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: JSSE). Supported versions that are affected are Oracle Java SE: 8u381, 8u381-perf, 11.0.20, 17.0.8, 21; Oracle GraalVM for JDK: 17.0.8, 21; Oracle GraalVM Enterprise Edition: 20.3.11, 21.3.7 and 22.3.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).
Status Published
Exploitability 0.5
Weighted Severity 4.8
Risk 2.4
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-295 Improper Certificate Validation
System Score Found at
cvssv3 5.3 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00067 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
epss 0.00073 https://api.first.org/data/v1/epss?cve=CVE-2023-22081
cvssv3.1 5.3 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Reference id Reference type URL
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json
https://api.first.org/data/v1/epss?cve=CVE-2023-22081
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22025
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-22081
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://lists.debian.org/debian-lts-announce/2023/10/msg00041.html
https://www.oracle.com/security-alerts/cpuoct2023.html
2243627 https://bugzilla.redhat.com/show_bug.cgi?id=2243627
cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_acquisition_unit:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:netapp:cloud_insights_storage_workload_security_agent:-:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:graalvm_for_jdk:21:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:11.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:17.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:17.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update381:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update381:*:*:-:*:*:*
cpe:2.3:a:oracle:jdk:1.8.0:update381:*:*:enterprise_performance_pack:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:1.8.0:update381:*:*:enterprise_performance_pack:*:*:*
cpe:2.3:a:oracle:jdk:21.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jdk:21.0.0:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:11.0.2:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:11.0.2:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:17.0.8:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:17.0.8:*:*:*:*:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update381:*:*:-:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update381:*:*:-:*:*:*
cpe:2.3:a:oracle:jre:1.8.0:update381:*:*:enterprise_performance_pack:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:1.8.0:update381:*:*:enterprise_performance_pack:*:*:*
cpe:2.3:a:oracle:jre:21.0.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:jre:21.0.0:*:*:*:*:*:*:*
CVE-2023-22081 https://nvd.nist.gov/vuln/detail/CVE-2023-22081
RHSA-2023:5725 https://access.redhat.com/errata/RHSA-2023:5725
RHSA-2023:5726 https://access.redhat.com/errata/RHSA-2023:5726
RHSA-2023:5727 https://access.redhat.com/errata/RHSA-2023:5727
RHSA-2023:5728 https://access.redhat.com/errata/RHSA-2023:5728
RHSA-2023:5729 https://access.redhat.com/errata/RHSA-2023:5729
RHSA-2023:5730 https://access.redhat.com/errata/RHSA-2023:5730
RHSA-2023:5731 https://access.redhat.com/errata/RHSA-2023:5731
RHSA-2023:5732 https://access.redhat.com/errata/RHSA-2023:5732
RHSA-2023:5733 https://access.redhat.com/errata/RHSA-2023:5733
RHSA-2023:5734 https://access.redhat.com/errata/RHSA-2023:5734
RHSA-2023:5735 https://access.redhat.com/errata/RHSA-2023:5735
RHSA-2023:5736 https://access.redhat.com/errata/RHSA-2023:5736
RHSA-2023:5737 https://access.redhat.com/errata/RHSA-2023:5737
RHSA-2023:5739 https://access.redhat.com/errata/RHSA-2023:5739
RHSA-2023:5740 https://access.redhat.com/errata/RHSA-2023:5740
RHSA-2023:5741 https://access.redhat.com/errata/RHSA-2023:5741
RHSA-2023:5742 https://access.redhat.com/errata/RHSA-2023:5742
RHSA-2023:5743 https://access.redhat.com/errata/RHSA-2023:5743
RHSA-2023:5744 https://access.redhat.com/errata/RHSA-2023:5744
RHSA-2023:5745 https://access.redhat.com/errata/RHSA-2023:5745
RHSA-2023:5746 https://access.redhat.com/errata/RHSA-2023:5746
RHSA-2023:5747 https://access.redhat.com/errata/RHSA-2023:5747
RHSA-2023:5750 https://access.redhat.com/errata/RHSA-2023:5750
RHSA-2023:5751 https://access.redhat.com/errata/RHSA-2023:5751
RHSA-2023:5752 https://access.redhat.com/errata/RHSA-2023:5752
RHSA-2023:5753 https://access.redhat.com/errata/RHSA-2023:5753
RHSA-2023:5761 https://access.redhat.com/errata/RHSA-2023:5761
RHSA-2023:6738 https://access.redhat.com/errata/RHSA-2023:6738
RHSA-2023:6887 https://access.redhat.com/errata/RHSA-2023:6887
RHSA-2024:0866 https://access.redhat.com/errata/RHSA-2024:0866
RHSA-2024:0879 https://access.redhat.com/errata/RHSA-2024:0879
USN-6527-1 https://usn.ubuntu.com/6527-1/
USN-6528-1 https://usn.ubuntu.com/6528-1/
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-22081.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.21137
EPSS Score 0.00067
Published At July 30, 2025, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2025-07-31T08:29:26.740524+00:00 Alpine Linux Importer Import https://secdb.alpinelinux.org/v3.18/community.json 37.0.0