VulnerableCode Vulnerability Details

Search for vulnerabilities

System	Score	Found at
cvssv3	4.8	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
epss	0.002	https://api.first.org/data/v1/epss?cve=CVE-2025-21502
cvssv3.1	4.8	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	4.8	https://www.oracle.com/security-alerts/cpujan2025.html
ssvc	Track	https://www.oracle.com/security-alerts/cpujan2025.html

System

Score

Found at

cvssv3

4.8

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

epss

0.002

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

cvssv3.1

4.8

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

cvssv3.1

4.8

https://www.oracle.com/security-alerts/cpujan2025.html

ssvc

Track

https://www.oracle.com/security-alerts/cpujan2025.html

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json
		https://api.first.org/data/v1/epss?cve=CVE-2025-21502
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
2338992		https://bugzilla.redhat.com/show_bug.cgi?id=2338992
cpe:2.3:a:oracle:graalvm:20.3.16::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16::::enterprise:::
cpe:2.3:a:oracle:graalvm:21.3.12::::enterprise:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12::::enterprise:::
cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:::::::*
cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:::::::*
cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:::::::*
cpe:2.3:a:oracle:java_se:11.0.25:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:::::::*
cpe:2.3:a:oracle:java_se:17.0.13:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:::::::*
cpe:2.3:a:oracle:java_se:21.0.5:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:::::::*
cpe:2.3:a:oracle:java_se:23.0.1:::::::*		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:::::::*
cpe:2.3:a:oracle:java_se:8u431::::enterprise_performance:::		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431::::enterprise_performance:::
cpujan2025.html		https://www.oracle.com/security-alerts/cpujan2025.html
RHSA-2025:0421		https://access.redhat.com/errata/RHSA-2025:0421
RHSA-2025:0422		https://access.redhat.com/errata/RHSA-2025:0422
RHSA-2025:0423		https://access.redhat.com/errata/RHSA-2025:0423
RHSA-2025:0424		https://access.redhat.com/errata/RHSA-2025:0424
RHSA-2025:0425		https://access.redhat.com/errata/RHSA-2025:0425
RHSA-2025:0426		https://access.redhat.com/errata/RHSA-2025:0426
RHSA-2025:0427		https://access.redhat.com/errata/RHSA-2025:0427
RHSA-2025:0428		https://access.redhat.com/errata/RHSA-2025:0428
RHSA-2025:0429		https://access.redhat.com/errata/RHSA-2025:0429
RHSA-2025:1154		https://access.redhat.com/errata/RHSA-2025:1154
RHSA-2025:2615		https://access.redhat.com/errata/RHSA-2025:2615
USN-7252-1		https://usn.ubuntu.com/7252-1/
USN-7253-1		https://usn.ubuntu.com/7253-1/
USN-7254-1		https://usn.ubuntu.com/7254-1/
USN-7255-1		https://usn.ubuntu.com/7255-1/
USN-7338-1		https://usn.ubuntu.com/7338-1/
USN-7339-1		https://usn.ubuntu.com/7339-1/

Reference id

Reference type

URL

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json

https://api.first.org/data/v1/epss?cve=CVE-2025-21502

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-21502

https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

2338992

https://bugzilla.redhat.com/show_bug.cgi?id=2338992

cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:20.3.16:*:*:*:enterprise:*:*:*

cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm:21.3.12:*:*:*:enterprise:*:*:*

cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:17.0.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:21.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:graalvm_for_jdk:23.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:11.0.25:*:*:*:*:*:*:*

cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:17.0.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:21.0.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:23.0.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*

https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:java_se:8u431:*:*:*:enterprise_performance:*:*:*

cpujan2025.html

https://www.oracle.com/security-alerts/cpujan2025.html

RHSA-2025:0421

https://access.redhat.com/errata/RHSA-2025:0421

RHSA-2025:0422

https://access.redhat.com/errata/RHSA-2025:0422

RHSA-2025:0423

https://access.redhat.com/errata/RHSA-2025:0423

RHSA-2025:0424

https://access.redhat.com/errata/RHSA-2025:0424

RHSA-2025:0425

https://access.redhat.com/errata/RHSA-2025:0425

RHSA-2025:0426

https://access.redhat.com/errata/RHSA-2025:0426

RHSA-2025:0427

https://access.redhat.com/errata/RHSA-2025:0427

RHSA-2025:0428

https://access.redhat.com/errata/RHSA-2025:0428

RHSA-2025:0429

https://access.redhat.com/errata/RHSA-2025:0429

RHSA-2025:1154

https://access.redhat.com/errata/RHSA-2025:1154

RHSA-2025:2615

https://access.redhat.com/errata/RHSA-2025:2615

USN-7252-1

https://usn.ubuntu.com/7252-1/

USN-7253-1

https://usn.ubuntu.com/7253-1/

USN-7254-1

https://usn.ubuntu.com/7254-1/

USN-7255-1

https://usn.ubuntu.com/7255-1/

USN-7338-1

https://usn.ubuntu.com/7338-1/

USN-7339-1

https://usn.ubuntu.com/7339-1/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:43:04.337672+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json	38.0.0

2026-04-01T13:43:04.337672+00:00

RedHat Importer

Import

https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2025-21502.json

38.0.0

Vulnerability ID	VCID-ntga-y6cv-a3df
Aliases	CVE-2025-21502
Summary	openjdk: Enhance array handling (Oracle CPU 2025-01)
Status	Published
Exploitability	0.5
Weighted Severity	4.3
Risk	2.1
Affected and Fixed Packages	Package Details

Percentile	0.42064
EPSS Score	0.002
Published At	April 2, 2026, 12:55 p.m.